br0kenpixel/Magisk
1
0
Fork 0
mirror of https://github.com/topjohnwu/Magisk.git synced 2025-09-06 06:36:58 +00:00
Code Issues Packages Projects Releases 1 Wiki Activity

Compare commits

base: br0kenpixel:canary-28102
Branches Tags
br0kenpixel:master
br0kenpixel:v30.2 br0kenpixel:v30.1 br0kenpixel:v30.0 br0kenpixel:canary-29001 br0kenpixel:v29.0 br0kenpixel:canary-28104 br0kenpixel:canary-28103 br0kenpixel:canary-28102 br0kenpixel:canary-28101 br0kenpixel:v28.1 br0kenpixel:canary-28003 br0kenpixel:canary-28002 br0kenpixel:canary-28001 br0kenpixel:v28.0 br0kenpixel:canary-27008 br0kenpixel:canary-27007 br0kenpixel:canary-27006 br0kenpixel:canary-27005 br0kenpixel:v27.0 br0kenpixel:v26.4 br0kenpixel:v26.3 br0kenpixel:v26.2 br0kenpixel:v26.1 br0kenpixel:v26.0 br0kenpixel:v25.2 br0kenpixel:v25.1 br0kenpixel:v25.0 br0kenpixel:v24.3 br0kenpixel:v24.2 br0kenpixel:v24.1 br0kenpixel:v24.0 br0kenpixel:v23.0 br0kenpixel:v22.1 br0kenpixel:v22.0 br0kenpixel:manager-v8.0.7 br0kenpixel:v21.4 br0kenpixel:manager-v8.0.6 br0kenpixel:v21.3 br0kenpixel:manager-v8.0.5 br0kenpixel:v21.2 br0kenpixel:manager-v8.0.4 br0kenpixel:manager-v8.0.3 br0kenpixel:v21.1 br0kenpixel:manager-v8.0.2 br0kenpixel:manager-v8.0.1 br0kenpixel:v21.0 br0kenpixel:manager-v8.0.0 br0kenpixel:v20.4 br0kenpixel:v20.3 br0kenpixel:manager-v7.5.1 br0kenpixel:v20.2 br0kenpixel:manager-v7.5.0 br0kenpixel:manager-v7.4.0 br0kenpixel:v20.1 br0kenpixel:manager-v7.3.5 br0kenpixel:v20.0 br0kenpixel:manager-v7.3.4 br0kenpixel:v19.4 br0kenpixel:manager-v7.3.2 br0kenpixel:manager-v7.3.1 br0kenpixel:manager-v7.3.0 br0kenpixel:v19.3 br0kenpixel:manager-v7.2.0 br0kenpixel:v19.2 br0kenpixel:manager-v7.1.2 br0kenpixel:v19.1 br0kenpixel:manager-v7.1.1 br0kenpixel:v19.0 br0kenpixel:manager-v7.1.0 br0kenpixel:v18.1 br0kenpixel:manager-v7.0.0 br0kenpixel:manager-v6.1.0 br0kenpixel:v18.0 br0kenpixel:v17.3 br0kenpixel:manager-v6.0.1 br0kenpixel:manager-v6.0.0 br0kenpixel:v17.2 br0kenpixel:v17.1 br0kenpixel:manager-v5.9.1 br0kenpixel:v17.0 br0kenpixel:manager-v5.9.0 br0kenpixel:manager-v5.8.3 br0kenpixel:v16.7 br0kenpixel:manager-v5.8.2 br0kenpixel:manager-v5.8.1 br0kenpixel:v16.6 br0kenpixel:manager-v5.8.0 br0kenpixel:v16.4 br0kenpixel:manager-v5.7.0 br0kenpixel:v16.3 br0kenpixel:manager-v5.6.4 br0kenpixel:v16.2 br0kenpixel:manager-v5.6.3 br0kenpixel:v16.1 br0kenpixel:manager-v5.6.2 br0kenpixel:v16.0 br0kenpixel:manager-v5.6.1 br0kenpixel:v15.4 br0kenpixel:manager-v5.6.0 br0kenpixel:v15.3 br0kenpixel:manager-v5.5.5 br0kenpixel:manager-v5.5.4 br0kenpixel:v15.2 br0kenpixel:manager-v5.5.3 br0kenpixel:v15.1 br0kenpixel:manager-v5.5.2 br0kenpixel:v15.0 br0kenpixel:manager-v5.5.1 br0kenpixel:v14.6 br0kenpixel:manager-v5.5.0 br0kenpixel:v14.5 br0kenpixel:manager-v5.4.3 br0kenpixel:manager-v5.4.2 br0kenpixel:v14.3 br0kenpixel:manager-v5.4.0 br0kenpixel:v14.2 br0kenpixel:manager-v5.3.5 br0kenpixel:v14.0 br0kenpixel:manager-v5.3.0 br0kenpixel:manager-v5.2.0 br0kenpixel:manager-v5.1.1 br0kenpixel:v13.3 br0kenpixel:manager-v5.1.0 br0kenpixel:manager-v5.0.6 br0kenpixel:manager-v5.0.5 br0kenpixel:v13.2 br0kenpixel:v13.1 br0kenpixel:manager-v5.0.4 br0kenpixel:v13.0 br0kenpixel:manager-v4.3.3 br0kenpixel:manager-v4.3.2 br0kenpixel:manager-v4.3.1 br0kenpixel:manager-v4.3.0 br0kenpixel:v12.0 br0kenpixel:v11.6 br0kenpixel:manager-v4.2.7 br0kenpixel:v11.5 br0kenpixel:manager-v4.2.6 br0kenpixel:manager-v4.2.5 br0kenpixel:manager-v4.2 br0kenpixel:v11.1 br0kenpixel:manager-v4.1 br0kenpixel:manager-v4.0 br0kenpixel:v11.0 br0kenpixel:manager-v3.1 br0kenpixel:v10.1 br0kenpixel:manager-v3.0 br0kenpixel:v10 br0kenpixel:v9 br0kenpixel:v8 br0kenpixel:v7
...
compare: br0kenpixel:canary-28104
Branches Tags
br0kenpixel:master
br0kenpixel:v30.2 br0kenpixel:v30.1 br0kenpixel:v30.0 br0kenpixel:canary-29001 br0kenpixel:v29.0 br0kenpixel:canary-28104 br0kenpixel:canary-28103 br0kenpixel:canary-28102 br0kenpixel:canary-28101 br0kenpixel:v28.1 br0kenpixel:canary-28003 br0kenpixel:canary-28002 br0kenpixel:canary-28001 br0kenpixel:v28.0 br0kenpixel:canary-27008 br0kenpixel:canary-27007 br0kenpixel:canary-27006 br0kenpixel:canary-27005 br0kenpixel:v27.0 br0kenpixel:v26.4 br0kenpixel:v26.3 br0kenpixel:v26.2 br0kenpixel:v26.1 br0kenpixel:v26.0 br0kenpixel:v25.2 br0kenpixel:v25.1 br0kenpixel:v25.0 br0kenpixel:v24.3 br0kenpixel:v24.2 br0kenpixel:v24.1 br0kenpixel:v24.0 br0kenpixel:v23.0 br0kenpixel:v22.1 br0kenpixel:v22.0 br0kenpixel:manager-v8.0.7 br0kenpixel:v21.4 br0kenpixel:manager-v8.0.6 br0kenpixel:v21.3 br0kenpixel:manager-v8.0.5 br0kenpixel:v21.2 br0kenpixel:manager-v8.0.4 br0kenpixel:manager-v8.0.3 br0kenpixel:v21.1 br0kenpixel:manager-v8.0.2 br0kenpixel:manager-v8.0.1 br0kenpixel:v21.0 br0kenpixel:manager-v8.0.0 br0kenpixel:v20.4 br0kenpixel:v20.3 br0kenpixel:manager-v7.5.1 br0kenpixel:v20.2 br0kenpixel:manager-v7.5.0 br0kenpixel:manager-v7.4.0 br0kenpixel:v20.1 br0kenpixel:manager-v7.3.5 br0kenpixel:v20.0 br0kenpixel:manager-v7.3.4 br0kenpixel:v19.4 br0kenpixel:manager-v7.3.2 br0kenpixel:manager-v7.3.1 br0kenpixel:manager-v7.3.0 br0kenpixel:v19.3 br0kenpixel:manager-v7.2.0 br0kenpixel:v19.2 br0kenpixel:manager-v7.1.2 br0kenpixel:v19.1 br0kenpixel:manager-v7.1.1 br0kenpixel:v19.0 br0kenpixel:manager-v7.1.0 br0kenpixel:v18.1 br0kenpixel:manager-v7.0.0 br0kenpixel:manager-v6.1.0 br0kenpixel:v18.0 br0kenpixel:v17.3 br0kenpixel:manager-v6.0.1 br0kenpixel:manager-v6.0.0 br0kenpixel:v17.2 br0kenpixel:v17.1 br0kenpixel:manager-v5.9.1 br0kenpixel:v17.0 br0kenpixel:manager-v5.9.0 br0kenpixel:manager-v5.8.3 br0kenpixel:v16.7 br0kenpixel:manager-v5.8.2 br0kenpixel:manager-v5.8.1 br0kenpixel:v16.6 br0kenpixel:manager-v5.8.0 br0kenpixel:v16.4 br0kenpixel:manager-v5.7.0 br0kenpixel:v16.3 br0kenpixel:manager-v5.6.4 br0kenpixel:v16.2 br0kenpixel:manager-v5.6.3 br0kenpixel:v16.1 br0kenpixel:manager-v5.6.2 br0kenpixel:v16.0 br0kenpixel:manager-v5.6.1 br0kenpixel:v15.4 br0kenpixel:manager-v5.6.0 br0kenpixel:v15.3 br0kenpixel:manager-v5.5.5 br0kenpixel:manager-v5.5.4 br0kenpixel:v15.2 br0kenpixel:manager-v5.5.3 br0kenpixel:v15.1 br0kenpixel:manager-v5.5.2 br0kenpixel:v15.0 br0kenpixel:manager-v5.5.1 br0kenpixel:v14.6 br0kenpixel:manager-v5.5.0 br0kenpixel:v14.5 br0kenpixel:manager-v5.4.3 br0kenpixel:manager-v5.4.2 br0kenpixel:v14.3 br0kenpixel:manager-v5.4.0 br0kenpixel:v14.2 br0kenpixel:manager-v5.3.5 br0kenpixel:v14.0 br0kenpixel:manager-v5.3.0 br0kenpixel:manager-v5.2.0 br0kenpixel:manager-v5.1.1 br0kenpixel:v13.3 br0kenpixel:manager-v5.1.0 br0kenpixel:manager-v5.0.6 br0kenpixel:manager-v5.0.5 br0kenpixel:v13.2 br0kenpixel:v13.1 br0kenpixel:manager-v5.0.4 br0kenpixel:v13.0 br0kenpixel:manager-v4.3.3 br0kenpixel:manager-v4.3.2 br0kenpixel:manager-v4.3.1 br0kenpixel:manager-v4.3.0 br0kenpixel:v12.0 br0kenpixel:v11.6 br0kenpixel:manager-v4.2.7 br0kenpixel:v11.5 br0kenpixel:manager-v4.2.6 br0kenpixel:manager-v4.2.5 br0kenpixel:manager-v4.2 br0kenpixel:v11.1 br0kenpixel:manager-v4.1 br0kenpixel:manager-v4.0 br0kenpixel:v11.0 br0kenpixel:manager-v3.1 br0kenpixel:v10.1 br0kenpixel:manager-v3.0 br0kenpixel:v10 br0kenpixel:v9 br0kenpixel:v8 br0kenpixel:v7

155 Commits
canary-281 ... canary-281

Author SHA1 Message Date
topjohnwu
427a1ca4e5 Release new canary build 
[skip ci]
 2025-04-29 11:54:17 -07:00
topjohnwu
22884e173a Implement reboot in Rust 2025-04-28 17:22:14 -07:00
topjohnwu
d1829308e9 Move more daemon_start code into Rust 2025-04-28 17:22:14 -07:00
topjohnwu
73840f8721 Migrate selinux.cpp to selinux.rs 2025-04-28 17:22:14 -07:00
topjohnwu
c7d1af9805 Stop using PathBuf in package.rs 2025-04-28 17:22:14 -07:00
topjohnwu
4ad26d3dfb Better path methods 2025-04-28 17:22:14 -07:00
topjohnwu
0c70b7670c Cleanup dir implementations 2025-04-28 17:22:14 -07:00
topjohnwu
f44d044095 Remove Utf8CStrBuffer 2025-04-28 17:22:14 -07:00
topjohnwu
5c1cb13472 Remove AsUtf8CStr trait 2025-04-28 17:22:14 -07:00
topjohnwu
3327fc668e Remove FsPath and FsPathMnt trait 
Directly use Utf8CStr
 2025-04-28 17:22:14 -07:00
topjohnwu
610945ac54 Remove open_fd macro 2025-04-28 17:22:14 -07:00
Howard Wu
ddf5474917 apt-get update before install to fix ci 2025-04-28 11:16:14 -07:00
Howard Wu
6ba1685ade Fix some seopt log 2025-04-22 03:25:21 -07:00
topjohnwu
e02b5f7868 Rename cstr_buf to cstr::buf 2025-04-22 03:21:00 -07:00
topjohnwu
ab2e5d1e7e Make FsPathBuf a trait and rename to FsPathBuilder 2025-04-22 03:21:00 -07:00
topjohnwu
f3fef7bfe4 Make FsPath a trait 2025-04-22 03:21:00 -07:00
topjohnwu
c34c7838bb Cleanup cstr implementation 2025-04-22 03:21:00 -07:00
topjohnwu
c8a16b0e0c Remove unused code 2025-04-16 17:13:03 -07:00
topjohnwu
14f9ed91a1 Remove unused methods 2025-04-15 11:35:31 -07:00
topjohnwu
7a207d4ccf Only accept UTF-8 directory entries 2025-04-15 10:26:22 -07:00
topjohnwu
92a42d901f Move most implementation into Directory 2025-04-15 10:26:22 -07:00
topjohnwu
084d89fcce Create Utf8CStrBuffer type 2025-04-15 10:26:22 -07:00
topjohnwu
55b036c071 Introduce BorrowedDirectory 2025-04-15 10:26:22 -07:00
topjohnwu
30e79310ab Make pointers NonNull after error check 2025-04-15 00:18:48 -07:00
topjohnwu
f063fa5054 Cleanup xwrap implementation 2025-04-15 00:18:48 -07:00
topjohnwu
7bd901273c Provide richer error messages 
Make sure most syscall/libc calls results are mapped to OsResult
that can produce more detailed error messages.
 2025-04-15 00:18:48 -07:00
topjohnwu
c1e061603b Specify ADB_SERIAL for emulator 2025-04-13 21:43:11 -07:00
topjohnwu
cb08504fe5 Update cargo dependencies 2025-04-11 14:48:16 -07:00
topjohnwu
c0a1fb77be Code cleanup 2025-04-11 14:48:01 -07:00
LoveSy
4864c1112a no pty for -c by default, and add -i to force pty 2025-04-11 13:21:10 -07:00
LoveSy
9ddeab034b Fix wrong tty pump 
See #1463
 2025-04-11 13:21:10 -07:00
LoveSy
c4847ed288 Move pts to rust, and avoid using thread 2025-04-11 13:21:10 -07:00
topjohnwu
b8f1523fb2 Minor code reorg 
[skip ci]
 2025-04-08 17:20:22 -07:00
topjohnwu
fb7fa8a6b3 Update to ONDK r29.1 2025-04-08 12:11:59 -07:00
topjohnwu
9c7d359093 Optimize and format imports 
[skip ci]
 2025-04-08 09:57:09 -07:00
topjohnwu
eb54bc1fd7 Cleanup unused code 2025-04-08 02:33:52 -07:00
topjohnwu
d4a0286e13 Migrate magiskinit selinux.cpp to Rust 2025-04-08 02:33:52 -07:00
Steven Xu
83e66767ff refactor: use empty navOptions 2025-04-02 09:13:32 -07:00
Steven Xu
7dc010749b feat: remove animation settings button transition 2025-04-02 09:13:32 -07:00
Steven Xu
8e8d013b1b feat: remove log overscroll 2025-04-02 09:13:32 -07:00
Steven Xu
bba0373808 feat: remove navigation transition when clicking buttons on the bottom bar 2025-04-02 09:13:32 -07:00
topjohnwu
1fa318dc8c Use Rust elf-cleaner implementation 2025-04-01 18:32:54 -07:00
cheesetosti
6edc5e2037 Update install.md 
fixed grammar n stuff
 2025-04-01 12:13:29 -07:00
topjohnwu
1523ed9f78 Always go through rustup proxies 2025-04-01 10:01:35 -07:00
topjohnwu
8e604d2ab8 Update cuttlefish CI 2025-03-28 00:12:31 -07:00
topjohnwu
2aba7247a9 Skip stub APK install on emulator 
Reduce test flakiness
 2025-03-26 13:15:12 -07:00
topjohnwu
e66fe8533e API 36 does not support wait_for_bootanim 2025-03-26 13:15:12 -07:00
vvb2060
b03fbb3917 avd_test: upgrade to android16 beta3 2025-03-26 13:15:12 -07:00
vvb2060
c2ece62e4c native: delete global 16k option 
NDK 28 enable 16 KiB page size compatibility option by default, delete the global option to restore 4k alignment for 32-bit arch.
 2025-03-26 13:15:12 -07:00
vvb2060
8c972dcf34 app: target sdk 36 2025-03-26 13:15:12 -07:00
topjohnwu
50af14f2a3 Move all MagiskInit entrypoints into init.rs 2025-03-24 17:26:03 -07:00
topjohnwu
e0a356b319 Introduce mount helper methods 2025-03-24 17:26:03 -07:00
topjohnwu
c09a792958 Reorganize magiskinit code 2025-03-24 17:26:03 -07:00
topjohnwu
0bbfe7f44d Fix 2SI on legacy SAR devices 2025-03-24 17:26:03 -07:00
topjohnwu
a396abf565 Minor changes 
[skip ci]
 2025-03-22 01:16:51 -07:00
topjohnwu
1e3edb8883 Release new canary build 
[skip ci]
 2025-03-21 10:37:49 -07:00
topjohnwu
3b8b61bf35 Remove ZipUtils.kt 2025-03-20 14:54:25 -07:00
topjohnwu
6f90456036 Properly buffer I/O 2025-03-20 13:16:39 -07:00
topjohnwu
f56fd4e215 Always close outputStream in processFile 
Fix #8735
 2025-03-19 17:57:31 -07:00
topjohnwu
aa35aac5d5 Update dependencies 2025-03-19 15:55:06 -07:00
topjohnwu
1f162b819d Update ONDK r29.0 2025-03-19 10:55:08 -07:00
Wang Han
52ef1d1cb2 Simplify matching selinux context of child zygote (#8845) 2025-03-11 01:27:15 -07:00
John Wu
f14e3a89cc Enable optimize_for_size for Rust std (#8844) 2025-03-10 15:50:43 -07:00
topjohnwu
95d3eac2e0 Cleanup xwrap functions 2025-03-09 01:10:41 -08:00
Wang Han
8e73536e02 Remove unused hasGMS variable 2025-03-09 00:16:25 -08:00
LoveSy
12a0870bc9 Replace bzip2 with bz2-rs 2025-03-08 14:37:17 -08:00
topjohnwu
6ff82c4e86 Introduce FsPathFollow 
Make sure all operations of FsPath do not follow symlinks, and provide
a way to explicitly switch over to a set of operations that DO follow
symlinks by FsPath::follow_link.
 2025-03-07 15:51:51 -08:00
LoveSy
c64de35375 Move magiskpolicy cli to argh 2025-03-07 14:29:30 -08:00
topjohnwu
ee5283f4e8 Update release script 2025-03-07 14:14:06 -08:00
LoveSy
bd0e954fea Replace zlib with zlib-rs 2025-03-07 11:40:02 -08:00
topjohnwu
675471a49e Upgrade argh to stable release 2025-03-07 02:38:36 -08:00
topjohnwu
c90e73ccec Migration to Edition 2024 2025-03-07 02:35:25 -08:00
topjohnwu
a43c1267d8 Update Cargo.toml 2025-03-07 02:35:25 -08:00
vvb2060
e8958c6b5c get_secontext: ignore ENODATA 2025-03-06 20:03:36 -08:00
LoveSy
e8a3bf82c6 set exit code of log ExitOnError to -1 2025-03-06 20:03:15 -08:00
topjohnwu
27fd79176a Update ONDK to r28.3 2025-03-06 17:41:28 -08:00
topjohnwu
28d86a3454 Update rustup_wrapper 
[skip ci]
 2025-03-06 16:12:35 -08:00
topjohnwu
c6c1a17ae6 Address several clippy warnings 2025-03-03 02:15:14 -08:00
topjohnwu
2b47d47215 Also run clippy with release mode 
[skip ci]
 2025-03-02 23:14:46 -08:00
David K.
0e82df9e10 Support zImage compression types other than gzip. 
Instead of just searching for the gzip magic, it now incrementally searches the kernel for the first thing that `check_fmt_lg` doesn't report as `UNKNOWN`.
 2025-03-02 13:35:13 -08:00
topjohnwu
893821ad88 Skip all tests on master push 2025-03-02 02:30:11 -08:00
topjohnwu
6b80fbfa99 Fix cache save condition 2025-03-02 02:30:11 -08:00
topjohnwu
8c3c7d0194 Build on master push 2025-03-02 01:51:42 -08:00
topjohnwu
b94a3d9f2f Do not store cache on pull request 2025-03-02 01:51:42 -08:00
Wang Han
442d0b5ddc Delete bootctl binary if execution fails 
New devices may use AIDL bootctrl HAL, so if bootctl hal-info fails,
simply remove the temp file and return.
 2025-03-01 22:43:55 -08:00
topjohnwu
494615d9a0 Support ./build.py emulator with an APK argument 2025-02-28 17:17:24 -08:00
vvb2060
afbfb81837 docs: add avd_magisk.sh to faq 2025-02-28 17:17:24 -08:00
vvb2060
3ed4e258a3 avd_magisk: add general usage 2025-02-28 17:17:24 -08:00
vvb2060
dddd41c95b avd_magisk: support rootfs without sbin 2025-02-28 17:17:24 -08:00
topjohnwu
5f2ca81e86 Update AGP 2025-02-28 13:19:16 -08:00
topjohnwu
c9eac0c438 Introduce new sepolicy strategy for legacy devices 
The existing sepolicy patching strategy looks like this:

1. 2SI: use LD_PRELOAD to hijack `security_load_policy`
2. Split policy: devices using split policy implies it also needs to
   do early mount, which means fstab is stored in device tree.
   So we do the following:
   - Hijack the fstab node in the device tree in sysfs
   - Wait for init to mount selinuxfs for us
   - Hijack selinuxfs to intercept sepolicy loading
3. Monolithic policy: directly patch `/sepolicy`

Method #1 and #2 both has the magiskinit pre-init daemon handling
the sepolicy patching and loading process, while method #3 gives us
zero control over sepolicy loading process. Downsides:

a. Pre-init daemon bypasses the need to guess which sepolicy init
   will load, because the original init will literally send the stock
   sepolicy file directly to us with this approach.
b. If we want to add more features/functionalities during the sepolicy
   patching process, we will leave out devices using method #3

In order to solve these issues, we completely redesign the sepolicy
patching strategy for non-2SI devices. Instead of limiting usage of
pre-init daemon to early mount devices, we always intercept the
sepolicy loading process regardless of the Android version and device
setup. This will give us a unified implementation for sepolicy patching,
and will make it easier to develop further new features down the line.
 2025-02-28 09:39:10 -08:00
topjohnwu
b6b34f7612 Fix overlay.d context preservation 2025-02-27 01:57:25 -08:00
LoveSy
e55c413261 Correctly handle truncated dtb 2025-02-23 20:31:55 -08:00
topjohnwu
0399cde50a Cleanup logcat.log for each invocation 2025-02-18 01:04:19 -08:00
topjohnwu
019eb03823 Hide or remove mut constructors for Utf8CStr 2025-02-17 11:38:11 -08:00
topjohnwu
363410e1c0 Introduce cstr_buf helper functions 2025-02-17 11:32:21 -08:00
topjohnwu
fc2ef21660 Introduce path! macro for FsPath 2025-02-17 01:46:19 -08:00
topjohnwu
18cb659ff3 Run clippy through build.py 2025-02-17 01:31:59 -08:00
topjohnwu
63231d97ce Properly handle db downgrades 2025-02-16 17:01:36 -08:00
topjohnwu
9ac81a8a25 Skip module tests on API < 26 2025-02-16 16:20:09 -08:00
topjohnwu
79af2787ae Workaround potential OOM when signing APKs 2025-02-16 16:20:09 -08:00
topjohnwu
f5f9b285c0 Add module tests 2025-02-16 16:20:09 -08:00
topjohnwu
6c05f2ae85 Test processing Shamiko module zip 2025-02-16 16:20:09 -08:00
topjohnwu
29043e1684 Consolidate setup methods 2025-02-16 16:20:09 -08:00
topjohnwu
b73d4a7022 Fix log_ok() 2025-02-16 12:01:25 -08:00
topjohnwu
ad95e8951b Skip download in lsposed setup test 
Download the zip during build time
 2025-02-16 01:26:40 -08:00
topjohnwu
bf591fca12 Fix Utf8CString constructor and add more comments 2025-02-16 01:17:48 -08:00
topjohnwu
dcf027884d Update FsPathBuf 2025-02-15 18:27:45 -08:00
topjohnwu
584f3820fe Make all Utf8CStrWrite Utf8CStrBuf 2025-02-15 18:27:45 -08:00
topjohnwu
3c7c46307a Partially cleanup MagiskInit code 2025-02-15 18:27:45 -08:00
vvb2060
4d80361805 core: search for first available dir in PATH 2025-02-15 15:08:26 -08:00
LoveSy
9a74e19117 Add log_ok() for log().ok() 2025-02-14 14:24:13 -08:00
LoveSy
b1e17706a4 Format code 2025-02-14 14:24:13 -08:00
LoveSy
caad129d69 Move MagiskInit::patch_sepolicy to rust 2025-02-14 14:24:13 -08:00
LoveSy
da58571ce5 Remove redundant rust export 2025-02-14 14:24:13 -08:00
LoveSy
2aa7f1c094 Move MagiskInit::check_two_stage to rust 2025-02-14 14:24:13 -08:00
LoveSy
823e31a91b Use linker to link vfprintf as tiny_vfprintf 2025-02-14 14:24:13 -08:00
LoveSy
fb926ae302 Move MagiskInit::redirect_second_stage to rust 2025-02-14 14:24:13 -08:00
LoveSy
e0489eeffd Move MagiskInit::first_stage to rust 2025-02-14 14:24:13 -08:00
LoveSy
dc9d5a4cac Move MagiskInit::second_stage to rust 2025-02-14 14:24:13 -08:00
LoveSy
143743d0b0 Refactor init.cpp to init.rs 2025-02-14 14:24:13 -08:00
LoveSy
563f0d5ad5 Move BootConfig::print to rust 2025-02-14 14:24:13 -08:00
LoveSy
c99f4a591b Move MagiskInit::exec_init to rust 2025-02-14 14:24:13 -08:00
LoveSy
449204e380 Move MagiskInit::prepare_data to rust 2025-02-14 14:24:13 -08:00
LoveSy
a85c4c6528 Move MagiskInit::MagiskInit to rust 2025-02-14 14:24:13 -08:00
LoveSy
d203a6fff6 Move MagiskInit to rust 2025-02-14 14:24:13 -08:00
LoveSy
6c612d66d7 Move BootConfig to rust 2025-02-14 14:24:13 -08:00
topjohnwu
540253a55b Remove unnecessary FFI 2025-02-14 11:24:46 -08:00
topjohnwu
15b7c4ccd1 Fix tmpfs mounts in avd_magisk.sh 2025-02-14 10:17:31 -08:00
topjohnwu
442d5335ea Consolidate get_module_fds implementation 
Close #8767
 2025-02-12 02:55:27 +08:00
topjohnwu
8a80eea597 Directly deal with Rust &str in sepolicy.cpp 2025-02-12 01:26:06 +08:00
Wang Han
5e35703091 Ensure target path exists before mknod 
Co-authored-by: LoveSy <shana@zju.edu.cn>
 2025-02-12 01:13:56 +08:00
topjohnwu
b7ca73f431 Remove an additional unique_ptr indirection 2025-02-05 14:18:16 +08:00
Wang Han
a14fc90f07 Fix fetching notification settings from db (#8761) 
Co-authored-by: LoveSy <shana@zju.edu.cn>
 2025-02-04 17:42:21 +08:00
LoveSy
c913f7ec74 Make sepolicy a shared type between rust and cxx 2025-02-04 00:36:11 +08:00
topjohnwu
7f6c9e8411 Fix zygisk module load 2025-02-03 23:21:51 +08:00
topjohnwu
bb02ea3a20 Fix file descriptor IPC 2025-02-03 18:21:03 +08:00
LoveSy
3981c9665e Replace rust inner functions to try blocks 2025-02-02 22:09:55 +08:00
topjohnwu
88628fdf3c Make sure IPC is arch agnostic 2025-02-02 22:08:41 +08:00
topjohnwu
0469817781 Cleanup code and bindings 2025-02-02 22:08:41 +08:00
topjohnwu
a786801141 Implement su_daemon in Rust 2025-02-02 22:08:41 +08:00
topjohnwu
ab86732c89 Implement simple serialization over IPC 2025-02-02 22:08:41 +08:00
topjohnwu
59622d1688 Use static methods in cxx-rs 2025-02-02 02:46:33 +08:00
LoveSy
58a25a3e2b Fix su with tty 2025-02-01 16:50:53 +08:00
topjohnwu
15dca29a87 Update cxx-rs 2025-02-01 02:02:29 +08:00
Wang Han
46980819c0 Expose safe mode option on 28+ 2025-01-31 12:20:02 +08:00
topjohnwu
4fb6a7268c Fix SDK 27 and 28 tests 2025-01-31 02:52:27 +08:00
topjohnwu
c05e963f37 Address clippy warnings 2025-01-31 02:52:27 +08:00
topjohnwu
7f7f625864 Code reorganization 2025-01-31 02:52:27 +08:00
topjohnwu
b25aa8295a Move bootstage into Rust 2025-01-31 02:52:27 +08:00
topjohnwu
15a605765c Fully implement daemon side of Zygisk in Rust 2025-01-31 02:52:27 +08:00
topjohnwu
b575c95710 Implement fd I/O on Rust side 2025-01-31 02:52:27 +08:00
topjohnwu
a48a9c858a Migrate zygisk handler to Rust 2025-01-31 02:52:27 +08:00
topjohnwu
0d8d6290a3 Move module list into MagiskD 2025-01-31 02:52:27 +08:00
topjohnwu
4dcd733ddd Minor code cleanup 2025-01-31 02:52:27 +08:00
170 changed files with 7719 additions and 6666 deletions
Expand all files Collapse all files

6
.gitattributes vendored
View File

@@ -12,13 +12,11 @@
# Denote all files that are truly binary and should not be modified.
tools/** binary
tools/rustup-wrapper/** -binary
tools/elf-cleaner/** -binary
*.jar binary
*.exe binary
*.apk binary
*.png binary
*.jpg binary
*.ttf binary
# Help GitHub detect languages
native/jni/external/** linguist-vendored
native/jni/systemproperties/** linguist-language=C++

23
.github/actions/setup/action.yml vendored
View File

@@ -26,6 +26,15 @@ runs:
- name: Cache sccache
uses: actions/cache@v4
if: ${{ github.event_name != 'pull_request' }}
with:
path: .sccache
key: sccache-${{ runner.os }}-${{ github.sha }}
restore-keys: sccache-${{ runner.os }}-
- name: Restore sccache
uses: actions/cache/restore@v4
if: ${{ github.event_name == 'pull_request' }}
with:
path: .sccache
key: sccache-${{ runner.os }}-${{ github.sha }}
@@ -55,7 +64,7 @@ runs:
- name: Cache Gradle dependencies
uses: actions/cache@v4
if: inputs.is-asset-build == 'true'
if: ${{ inputs.is-asset-build == 'true' && github.event_name != 'pull_request' }}
with:
path: |
.gradle/caches
@@ -66,7 +75,7 @@ runs:
- name: Restore Gradle dependencies
uses: actions/cache/restore@v4
if: inputs.is-asset-build == 'false'
if: ${{ inputs.is-asset-build == 'false' || github.event_name == 'pull_request' }}
with:
path: |
.gradle/caches
@@ -78,19 +87,17 @@ runs:
- name: Cache Gradle build cache
uses: actions/cache@v4
if: inputs.is-asset-build == 'true'
if: ${{ inputs.is-asset-build == 'true' && github.event_name != 'pull_request' }}
with:
path: |
.gradle/caches/build-cache-*
path: .gradle/caches/build-cache-*
key: gradle-build-cache-${{ github.sha }}
restore-keys: gradle-build-cache-
- name: Restore Gradle build cache
uses: actions/cache/restore@v4
if: inputs.is-asset-build == 'false'
if: ${{ inputs.is-asset-build == 'false' || github.event_name == 'pull_request' }}
with:
path: |
.gradle/caches/build-cache-*
path: .gradle/caches/build-cache-*
key: gradle-build-cache-${{ github.sha }}
restore-keys: gradle-build-cache-
enableCrossOsArchive: true

21
.github/workflows/build.yml vendored
View File

@@ -1,6 +1,16 @@
name: Magisk Build
on:
push:
branches: [master]
paths:
- "app/**"
- "native/**"
- "buildSrc/**"
- "build.py"
- "gradle.properties"
- "gradle/libs.versions.toml"
- ".github/workflows/build.yml"
pull_request:
branches: [master]
workflow_dispatch:
@@ -71,15 +81,16 @@ jobs:
name: Test API ${{ matrix.version }} (x86_64)
runs-on: ubuntu-24.04
needs: build
if: ${{ github.event_name != 'push' }}
strategy:
fail-fast: false
matrix:
version: [23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35]
type: [""]
include:
- version: "Baklava"
- version: 36
type: "google_apis"
- version: "Baklava"
- version: 36
type: "google_apis_ps16k"
steps:
@@ -117,6 +128,7 @@ jobs:
name: Test API ${{ matrix.version }} (x86)
runs-on: ubuntu-24.04
needs: build
if: ${{ github.event_name != 'push' }}
strategy:
fail-fast: false
matrix:
@@ -158,14 +170,15 @@ jobs:
name: Test ${{ matrix.device }}
runs-on: ubuntu-24.04
needs: build
if: ${{ github.event_name != 'push' }}
env:
CF_HOME: /home/runner/aosp_cf_phone
strategy:
fail-fast: false
matrix:
include:
- branch: "aosp-main"
device: "aosp_cf_x86_64_phone"
- branch: "aosp-android-latest-release"
device: "aosp_cf_x86_64_only_phone"
steps:
- name: Check out

9
.gitmodules vendored
View File

@@ -4,18 +4,12 @@
[submodule "lz4"]
path = native/src/external/lz4
url = https://github.com/lz4/lz4.git
[submodule "bzip2"]
path = native/src/external/bzip2
url = https://github.com/nemequ/bzip2.git
[submodule "xz"]
path = native/src/external/xz
url = https://github.com/xz-mirror/xz.git
[submodule "libcxx"]
path = native/src/external/libcxx
url = https://github.com/topjohnwu/libcxx.git
[submodule "zlib"]
path = native/src/external/zlib
url = https://android.googlesource.com/platform/external/zlib
[submodule "zopfli"]
path = native/src/external/zopfli
url = https://github.com/google/zopfli.git
@@ -31,6 +25,3 @@
[submodule "crt0"]
path = native/src/external/crt0
url = https://github.com/topjohnwu/crt0.git
[submodule "termux-elf-cleaner"]
path = tools/termux-elf-cleaner
url = https://github.com/termux/termux-elf-cleaner.git

2
README.MD
View File

@@ -22,7 +22,7 @@ Click the icon below to download Magisk apk.
[![](https://img.shields.io/badge/Magisk-v28.1-blue)](https://github.com/topjohnwu/Magisk/releases/tag/v28.1)
[![](https://img.shields.io/badge/Magisk%20Beta-v28.1-blue)](https://github.com/topjohnwu/Magisk/releases/tag/v28.1)
[![](https://img.shields.io/badge/Magisk-Canary-red)](https://github.com/topjohnwu/Magisk/releases/tag/canary-28102)
[![](https://img.shields.io/badge/Magisk-Canary-red)](https://github.com/topjohnwu/Magisk/releases/tag/canary-28104)
## Useful Links

15
app/apk/src/main/java/com/topjohnwu/magisk/arch/NavigationActivity.kt
View File

@@ -1,10 +1,13 @@
package com.topjohnwu.magisk.arch
import android.content.ContentResolver
import android.view.KeyEvent
import androidx.databinding.ViewDataBinding
import androidx.navigation.NavController
import androidx.navigation.NavDirections
import androidx.navigation.fragment.NavHostFragment
import androidx.navigation.navOptions
import com.topjohnwu.magisk.utils.AccessibilityUtils
abstract class NavigationActivity<Binding : ViewDataBinding> : UIActivity<Binding>() {
@@ -31,7 +34,17 @@ abstract class NavigationActivity<Binding : ViewDataBinding> : UIActivity<Bindin
}
}
companion object {
fun navigate(directions: NavDirections, navigation: NavController, cr: ContentResolver) {
if (AccessibilityUtils.isAnimationEnabled(cr)) {
navigation.navigate(directions)
} else {
navigation.navigate(directions, navOptions {})
}
}
}
fun NavDirections.navigate() {
navigation.navigate(this)
navigate(this, navigation, contentResolver)
}
}

10
app/apk/src/main/java/com/topjohnwu/magisk/ui/home/HomeFragment.kt
View File

@@ -17,6 +17,8 @@ import com.topjohnwu.magisk.core.Info
import com.topjohnwu.magisk.core.download.DownloadEngine
import com.topjohnwu.magisk.databinding.FragmentHomeMd2Binding
import com.topjohnwu.magisk.core.R as CoreR
import androidx.navigation.findNavController
import com.topjohnwu.magisk.arch.NavigationActivity
class HomeFragment : BaseFragment<FragmentHomeMd2Binding>(), MenuProvider {
@@ -68,7 +70,13 @@ class HomeFragment : BaseFragment<FragmentHomeMd2Binding>(), MenuProvider {
override fun onMenuItemSelected(item: MenuItem): Boolean {
when (item.itemId) {
R.id.action_settings ->
HomeFragmentDirections.actionHomeFragmentToSettingsFragment().navigate()
activity?.let {
NavigationActivity.navigate(
HomeFragmentDirections.actionHomeFragmentToSettingsFragment(),
it.findNavController(R.id.main_nav_host),
it.contentResolver,
)
}
R.id.action_reboot -> activity?.let { RebootMenu.inflate(it).show() }
else -> return super.onOptionsItemSelected(item)
}

2
app/apk/src/main/java/com/topjohnwu/magisk/ui/home/RebootMenu.kt
View File

@@ -41,7 +41,7 @@ object RebootMenu {
activity.getSystemService<PowerManager>()?.isRebootingUserspaceSupported == true) {
menu.menu.findItem(R.id.action_reboot_userspace).isVisible = true
}
if (Const.Version.isCanary()) {
if (Const.Version.atLeast_28_0()) {
menu.menu.findItem(R.id.action_reboot_safe_mode).isChecked = Config.bootloop >= 2
} else {
menu.menu.findItem(R.id.action_reboot_safe_mode).isVisible = false

7
app/apk/src/main/java/com/topjohnwu/magisk/ui/log/LogFragment.kt
View File

@@ -5,6 +5,7 @@ import android.view.Menu
import android.view.MenuInflater
import android.view.MenuItem
import android.view.View
import android.widget.HorizontalScrollView
import androidx.core.view.MenuProvider
import androidx.core.view.isVisible
import com.topjohnwu.magisk.R
@@ -12,6 +13,7 @@ import com.topjohnwu.magisk.arch.BaseFragment
import com.topjohnwu.magisk.arch.viewModel
import com.topjohnwu.magisk.databinding.FragmentLogMd2Binding
import com.topjohnwu.magisk.ui.MainActivity
import com.topjohnwu.magisk.utils.AccessibilityUtils
import com.topjohnwu.magisk.utils.MotionRevealHelper
import rikka.recyclerview.addEdgeSpacing
import rikka.recyclerview.addItemSpacing
@@ -56,6 +58,11 @@ class LogFragment : BaseFragment<FragmentLogMd2Binding>(), MenuProvider {
addItemSpacing(R.dimen.l1, R.dimen.l_50, R.dimen.l1)
fixEdgeEffect()
}
if (!AccessibilityUtils.isAnimationEnabled(requireContext().contentResolver)) {
val scrollView = view.findViewById<HorizontalScrollView>(R.id.log_scroll_magisk)
scrollView.setOverScrollMode(View.OVER_SCROLL_NEVER)
}
}

14
app/apk/src/main/java/com/topjohnwu/magisk/utils/AccessibilityUtils.kt Normal file
View File

@@ -0,0 +1,14 @@
package com.topjohnwu.magisk.utils
import android.content.ContentResolver
import android.provider.Settings
class AccessibilityUtils {
companion object {
fun isAnimationEnabled(cr: ContentResolver): Boolean {
return !(Settings.Global.getFloat(cr, Settings.Global.ANIMATOR_DURATION_SCALE, 1.0f) == 0.0f
&& Settings.Global.getFloat(cr, Settings.Global.TRANSITION_ANIMATION_SCALE, 1.0f) == 0.0f
&& Settings.Global.getFloat(cr, Settings.Global.WINDOW_ANIMATION_SCALE, 1.0f) == 0.0f)
}
}
}

1
app/apk/src/main/res/layout/include_log_magisk.xml
View File

@@ -16,6 +16,7 @@
android:layout_height="match_parent">
<HorizontalScrollView
android:id="@+id/log_scroll_magisk"
gone="@{viewModel.loading}"
android:layout_width="match_parent"
android:layout_height="match_parent"

3
app/core/src/main/java/com/topjohnwu/magisk/core/Const.kt
View File

@@ -14,7 +14,7 @@ object Const {
else Build.SUPPORTED_32_BIT_ABIS.firstOrNull()
// Paths
const val MAGISK_PATH = "/data/adb/modules"
const val MODULE_PATH = "/data/adb/modules"
const val TMPDIR = "/dev/tmp"
const val MAGISK_LOG = "/cache/magisk.log"
@@ -28,6 +28,7 @@ object Const {
fun atLeast_24_0() = Info.env.versionCode >= 24000 || isCanary()
fun atLeast_25_0() = Info.env.versionCode >= 25000 || isCanary()
fun atLeast_28_0() = Info.env.versionCode >= 28000 || isCanary()
fun isCanary() = isCanary(Info.env.versionCode)
fun isCanary(ver: Int) = ver > 0 && ver % 100 != 0

1
app/core/src/main/java/com/topjohnwu/magisk/core/Info.kt
View File

@@ -47,7 +47,6 @@ object Info {
private set
private var crypto = ""
var hasGMS = true
val isEmulator =
Build.DEVICE.contains("vsoc")
|| getProperty("ro.kernel.qemu", "0") == "1"

5
app/core/src/main/java/com/topjohnwu/magisk/core/di/Networking.kt
View File

@@ -5,7 +5,6 @@ import com.squareup.moshi.Moshi
import com.topjohnwu.magisk.ProviderInstaller
import com.topjohnwu.magisk.core.BuildConfig
import com.topjohnwu.magisk.core.Config
import com.topjohnwu.magisk.core.Info
import com.topjohnwu.magisk.core.utils.LocaleSetting
import okhttp3.Cache
import okhttp3.ConnectionSpec
@@ -72,9 +71,7 @@ fun createOkHttpClient(context: Context): OkHttpClient {
chain.proceed(request.build())
}
if (!ProviderInstaller.install(context)) {
Info.hasGMS = false
}
ProviderInstaller.install(context)
return builder.build()
}

38
app/core/src/main/java/com/topjohnwu/magisk/core/model/module/LocalModule.kt
View File

@@ -5,6 +5,7 @@ import com.topjohnwu.magisk.core.Const
import com.topjohnwu.magisk.core.di.ServiceLocator
import com.topjohnwu.magisk.core.utils.RootUtils
import com.topjohnwu.superuser.Shell
import com.topjohnwu.superuser.nio.ExtendedFile
import kotlinx.coroutines.Dispatchers
import kotlinx.coroutines.withContext
import timber.log.Timber
@@ -12,7 +13,7 @@ import java.io.IOException
import java.util.Locale
data class LocalModule(
private val path: String,
private val base: ExtendedFile,
) : Module() {
private val svc get() = ServiceLocator.networkService
@@ -24,20 +25,18 @@ data class LocalModule(
var description: String = ""
var updateInfo: OnlineModule? = null
var outdated = false
private var updateUrl: String = ""
private val removeFile = RootUtils.fs.getFile(path, "remove")
private val disableFile = RootUtils.fs.getFile(path, "disable")
private val updateFile = RootUtils.fs.getFile(path, "update")
private val riruFolder = RootUtils.fs.getFile(path, "riru")
private val zygiskFolder = RootUtils.fs.getFile(path, "zygisk")
private val unloaded = RootUtils.fs.getFile(zygiskFolder, "unloaded")
val updated: Boolean get() = updateFile.exists()
val isRiru: Boolean get() = (id == "riru-core") || riruFolder.exists()
val isZygisk: Boolean get() = zygiskFolder.exists()
val zygiskUnloaded: Boolean get() = unloaded.exists()
val hasAction: Boolean;
private val removeFile = base.getChildFile("remove")
private val disableFile = base.getChildFile("disable")
private val updateFile = base.getChildFile("update")
val zygiskFolder = base.getChildFile("zygisk")
val updated get() = updateFile.exists()
val isRiru = (id == "riru-core") || base.getChildFile("riru").exists()
val isZygisk = zygiskFolder.exists()
val zygiskUnloaded = zygiskFolder.getChildFile("unloaded").exists()
val hasAction = base.getChildFile("action.sh").exists()
var enable: Boolean
get() = !disableFile.exists()
@@ -90,19 +89,16 @@ data class LocalModule(
init {
runCatching {
parseProps(Shell.cmd("dos2unix < $path/module.prop").exec().out)
parseProps(Shell.cmd("dos2unix < $base/module.prop").exec().out)
}
if (id.isEmpty()) {
val sep = path.lastIndexOf('/')
id = path.substring(sep + 1)
id = base.name
}
if (name.isEmpty()) {
name = id
}
hasAction = RootUtils.fs.getFile(path, "action.sh").exists()
}
suspend fun fetch(): Boolean {
@@ -125,14 +121,14 @@ data class LocalModule(
companion object {
fun loaded() = RootUtils.fs.getFile(Const.MAGISK_PATH).exists()
fun loaded() = RootUtils.fs.getFile(Const.MODULE_PATH).exists()
suspend fun installed() = withContext(Dispatchers.IO) {
RootUtils.fs.getFile(Const.MAGISK_PATH)
RootUtils.fs.getFile(Const.MODULE_PATH)
.listFiles()
.orEmpty()
.filter { !it.isFile && !it.isHidden }
.map { LocalModule("${Const.MAGISK_PATH}/${it.name}") }
.map { LocalModule(it) }
.sortedBy { it.name.lowercase(Locale.ROOT) }
}
}

5
app/core/src/main/java/com/topjohnwu/magisk/core/signing/ByteArrayStream.java
View File

@@ -4,6 +4,7 @@ import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.nio.ByteBuffer;
public class ByteArrayStream extends ByteArrayOutputStream {
@@ -27,4 +28,8 @@ public class ByteArrayStream extends ByteArrayOutputStream {
public ByteArrayInputStream getInputStream() {
return new ByteArrayInputStream(buf, 0, count);
}
public ByteBuffer toByteBuffer() {
return ByteBuffer.wrap(buf, 0, count);
}
}

5
app/core/src/main/java/com/topjohnwu/magisk/core/signing/SignApk.java
View File

@@ -510,7 +510,7 @@ public class SignApk {
privateKey[0] = key;
// Generate, in memory, an APK signed using standard JAR Signature Scheme.
ByteArrayOutputStream v1SignedApkBuf = new ByteArrayOutputStream();
ByteArrayStream v1SignedApkBuf = new ByteArrayStream();
JarOutputStream outputJar = new JarOutputStream(v1SignedApkBuf);
// Use maximum compression for compressed entries because the APK lives forever on
// the system partition.
@@ -519,8 +519,7 @@ public class SignApk {
copyFiles(manifest, inputJar, outputJar, timestamp, alignment);
signFile(manifest, publicKey, privateKey, timestamp, outputJar);
outputJar.close();
ByteBuffer v1SignedApk = ByteBuffer.wrap(v1SignedApkBuf.toByteArray());
v1SignedApkBuf.reset();
ByteBuffer v1SignedApk = v1SignedApkBuf.toByteBuffer();
ByteBuffer[] outputChunks;
List<ApkSignerV2.SignerConfig> signerConfigs = createV2SignerConfigs(privateKey, publicKey,

26
app/core/src/main/java/com/topjohnwu/magisk/core/tasks/MagiskInstaller.kt
View File

@@ -17,7 +17,6 @@ import com.topjohnwu.magisk.core.Info
import com.topjohnwu.magisk.core.di.ServiceLocator
import com.topjohnwu.magisk.core.isRunningAsStub
import com.topjohnwu.magisk.core.ktx.copyAll
import com.topjohnwu.magisk.core.ktx.copyAndClose
import com.topjohnwu.magisk.core.ktx.writeTo
import com.topjohnwu.magisk.core.utils.DummyList
import com.topjohnwu.magisk.core.utils.MediaStoreUtils
@@ -47,7 +46,6 @@ import java.io.OutputStream
import java.io.PushbackInputStream
import java.nio.ByteBuffer
import java.security.SecureRandom
import java.util.Arrays
import java.util.Locale
import java.util.concurrent.atomic.AtomicBoolean
@@ -191,7 +189,8 @@ abstract class MagiskInstallImpl protected constructor(
return true
}
private suspend fun InputStream.copyAndCloseOut(out: OutputStream) = out.use { copyAll(it) }
private suspend fun InputStream.copyAndCloseOut(out: OutputStream) =
out.use { copyAll(it, 1024 * 1024) }
private class NoAvailableStream(s: InputStream) : FilterInputStream(s) {
// Make sure available is never called on the actual stream and always return 0
@@ -225,8 +224,8 @@ abstract class MagiskInstallImpl protected constructor(
console.add("- Processing tar file")
var entry: TarArchiveEntry? = tarIn.nextEntry
fun TarArchiveEntry.decompressedStream(): InputStream {
val stream = if (name.endsWith(".lz4"))
fun decompressedStream(): InputStream {
val stream = if (tarIn.currentEntry.name.endsWith(".lz4"))
FramedLZ4CompressorInputStream(tarIn, true) else tarIn
return NoAvailableStream(stream)
}
@@ -252,9 +251,9 @@ abstract class MagiskInstallImpl protected constructor(
if (bootItem != null) {
console.add("-- Extracting: ${bootItem.name}")
entry.decompressedStream().copyAndCloseOut(bootItem.file.newOutputStream())
decompressedStream().copyAndCloseOut(bootItem.file.newOutputStream())
} else if (entry.name.contains("vbmeta.img")) {
val rawData = entry.decompressedStream().readBytes()
val rawData = decompressedStream().readBytes()
// Valid vbmeta.img should be at least 256 bytes
if (rawData.size < 256)
continue
@@ -287,7 +286,7 @@ abstract class MagiskInstallImpl protected constructor(
} else {
console.add("-- Copying : ${entry.name}")
tarOut.putArchiveEntry(entry)
tarIn.copyAll(tarOut, bufferSize = 1024 * 1024)
tarIn.copyAll(tarOut)
tarOut.closeArchiveEntry()
}
entry = tarIn.nextEntry ?: break
@@ -429,7 +428,7 @@ abstract class MagiskInstallImpl protected constructor(
// Process input file
try {
PushbackInputStream(uri.inputStream(), 512).use { src ->
PushbackInputStream(uri.inputStream().buffered(1024 * 1024), 512).use { src ->
val head = ByteArray(512)
if (src.read(head) != head.size) {
console.add("! Invalid input file")
@@ -438,12 +437,13 @@ abstract class MagiskInstallImpl protected constructor(
src.unread(head)
val magic = head.copyOf(4)
val tarMagic = Arrays.copyOfRange(head, 257, 262)
val tarMagic = head.copyOfRange(257, 262)
srcBoot = if (tarMagic.contentEquals("ustar".toByteArray())) {
// tar file
outFile = MediaStoreUtils.getFile("$destName.tar")
outStream = TarArchiveOutputStream(outFile.uri.outputStream()).also {
val os = outFile.uri.outputStream().buffered(1024 * 1024)
outStream = TarArchiveOutputStream(os).also {
it.setBigNumberMode(TarArchiveOutputStream.BIGNUMBER_STAR)
it.setLongFileMode(TarArchiveOutputStream.LONGFILE_GNU)
}
@@ -500,7 +500,7 @@ abstract class MagiskInstallImpl protected constructor(
bootItem.file = newBoot
bootItem.copyTo(outStream as TarArchiveOutputStream)
} else {
newBoot.newInputStream().copyAndClose(outStream)
newBoot.newInputStream().use { it.copyAll(outStream, 1024 * 1024) }
}
newBoot.delete()
@@ -514,6 +514,8 @@ abstract class MagiskInstallImpl protected constructor(
outFile.delete()
Timber.e(e)
return false
} finally {
outStream.close()
}
// Fix up binaries

50
app/core/src/main/java/com/topjohnwu/magisk/core/utils/ZipUtils.kt
View File

@@ -1,50 +0,0 @@
package com.topjohnwu.magisk.core.utils
import com.topjohnwu.magisk.core.ktx.copyAll
import org.apache.commons.compress.archivers.zip.ZipArchiveEntry
import org.apache.commons.compress.archivers.zip.ZipArchiveInputStream
import org.apache.commons.compress.archivers.zip.ZipFile
import java.io.File
import java.io.IOException
import java.io.InputStream
@Throws(IOException::class)
suspend fun File.unzip(folder: File, path: String = "", junkPath: Boolean = false) {
ZipFile.Builder().setFile(this).get().use { zip ->
for (entry in zip.entries) {
if (!entry.name.startsWith(path) || entry.isDirectory) {
// Ignore directories, only create files
continue
}
val name = if (junkPath)
entry.name.substring(entry.name.lastIndexOf('/') + 1)
else
entry.name
val dest = File(folder, name)
dest.parentFile?.mkdirs()
dest.outputStream().use { out -> zip.getInputStream(entry).copyAll(out) }
}
}
}
@Throws(IOException::class)
suspend fun InputStream.unzip(folder: File, path: String = "", junkPath: Boolean = false) {
ZipArchiveInputStream(this).use { zin ->
var entry: ZipArchiveEntry
while (true) {
entry = zin.nextEntry ?: break
if (!entry.name.startsWith(path) || entry.isDirectory) {
// Ignore directories, only create files
continue
}
val name = if (junkPath)
entry.name.substring(entry.name.lastIndexOf('/') + 1)
else
entry.name
val dest = File(folder, name)
dest.parentFile?.mkdirs()
dest.outputStream().use { out -> zin.copyAll(out) }
}
}
}

71
app/core/src/main/java/com/topjohnwu/magisk/test/AdditionalTest.kt
View File

@@ -5,9 +5,17 @@ import androidx.annotation.Keep
import androidx.test.ext.junit.runners.AndroidJUnit4
import androidx.test.uiautomator.By
import androidx.test.uiautomator.Until
import com.topjohnwu.magisk.core.model.module.LocalModule
import com.topjohnwu.magisk.core.utils.RootUtils
import kotlinx.coroutines.runBlocking
import org.junit.After
import org.junit.Assert.assertEquals
import org.junit.Assert.assertFalse
import org.junit.Assert.assertNotNull
import org.junit.Assert.assertNull
import org.junit.Assert.assertTrue
import org.junit.Assume.assumeTrue
import org.junit.BeforeClass
import org.junit.Test
import org.junit.runner.RunWith
import java.util.concurrent.TimeUnit
@@ -21,6 +29,17 @@ class AdditionalTest : BaseTest {
private const val SHELL_PKG = "com.android.shell"
private const val LSPOSED_CATEGORY = "org.lsposed.manager.LAUNCH_MANAGER"
private const val LSPOSED_PKG = "org.lsposed.manager"
private lateinit var modules: List<LocalModule>
@BeforeClass
@JvmStatic
fun before() {
BaseTest.prerequisite()
runBlocking {
modules = LocalModule.installed()
}
}
}
@After
@@ -29,9 +48,24 @@ class AdditionalTest : BaseTest {
}
@Test
fun testLaunchLsposedManager() {
fun testModuleCount() {
var expected = 0
if (Environment.testModules()) expected +=2
if (Environment.lsposed()) expected++
if (Environment.shamiko()) expected++
assertEquals("Module count incorrect", expected, modules.size)
}
@Test
fun testLsposed() {
assumeTrue(Environment.lsposed())
val module = modules.find { it.id == "zygisk_lsposed" }
assertNotNull("zygisk_lsposed is not installed", module)
module!!
assertFalse("zygisk_lsposed is not enabled", module.zygiskUnloaded)
// Launch lsposed manager to ensure the module is active
uiAutomation.executeShellCommand(
"am start -c $LSPOSED_CATEGORY $SHELL_PKG/.BugreportWarningActivity"
).let { pfd -> AutoCloseInputStream(pfd).use { it.readBytes() } }
@@ -42,4 +76,39 @@ class AdditionalTest : BaseTest {
device.wait(Until.hasObject(By.res(pattern)), TimeUnit.SECONDS.toMillis(10))
)
}
@Test
fun testModule01() {
assumeTrue(Environment.testModules())
val module = modules.find { it.id == "test_01" }
assertNotNull("test_01 is not installed", module)
assertTrue(
"/system/etc/newfile should exist",
RootUtils.fs.getFile("/system/etc/newfile").exists()
)
assertFalse(
"/system/bin/screenrecord should not exist",
RootUtils.fs.getFile("/system/bin/screenrecord").exists()
)
module!!
assertTrue("test_01 should be zygisk unloaded", module.zygiskUnloaded)
}
@Test
fun testModule02() {
assumeTrue(Environment.testModules())
val module = modules.find { it.id == "test_02" }
assertNotNull("test_02 is not installed", module)
module!!
assertTrue("test_02 should be zygisk unloaded", module.zygiskUnloaded)
}
@Test
fun testModule03() {
assumeTrue(Environment.testModules())
assertNull("test_03 should be removed", modules.find { it.id == "test_03" })
}
}

3
app/core/src/main/java/com/topjohnwu/magisk/test/BaseTest.kt
View File

@@ -12,7 +12,8 @@ import org.junit.Assert.assertTrue
interface BaseTest {
val instrumentation: Instrumentation
get() = InstrumentationRegistry.getInstrumentation()
val context: Context get() = instrumentation.targetContext
val appContext: Context get() = instrumentation.targetContext
val testContext: Context get() = instrumentation.context
val uiAutomation: UiAutomation get() = instrumentation.uiAutomation
val device: UiDevice get() = UiDevice.getInstance(instrumentation)

151
app/core/src/main/java/com/topjohnwu/magisk/test/Environment.kt
View File

@@ -6,21 +6,28 @@ import androidx.annotation.Keep
import androidx.core.net.toUri
import androidx.test.ext.junit.runners.AndroidJUnit4
import com.topjohnwu.magisk.core.BuildConfig.APP_PACKAGE_NAME
import com.topjohnwu.magisk.core.di.ServiceLocator
import com.topjohnwu.magisk.core.Const
import com.topjohnwu.magisk.core.download.DownloadNotifier
import com.topjohnwu.magisk.core.download.DownloadProcessor
import com.topjohnwu.magisk.core.ktx.cachedFile
import com.topjohnwu.magisk.core.model.module.LocalModule
import com.topjohnwu.magisk.core.tasks.AppMigration
import com.topjohnwu.magisk.core.tasks.FlashZip
import com.topjohnwu.magisk.core.tasks.MagiskInstaller
import com.topjohnwu.magisk.core.utils.RootUtils
import com.topjohnwu.superuser.CallbackList
import com.topjohnwu.superuser.Shell
import com.topjohnwu.superuser.nio.ExtendedFile
import kotlinx.coroutines.runBlocking
import org.apache.commons.compress.archivers.zip.ZipFile
import org.junit.Assert.assertArrayEquals
import org.junit.Assert.assertEquals
import org.junit.Assert.assertTrue
import org.junit.Assume.assumeTrue
import org.junit.BeforeClass
import org.junit.Test
import org.junit.runner.RunWith
import timber.log.Timber
import java.io.File
@Keep
@RunWith(AndroidJUnit4::class)
@@ -31,12 +38,21 @@ class Environment : BaseTest {
@JvmStatic
fun before() = BaseTest.prerequisite()
fun lsposed(): Boolean {
return Build.VERSION.SDK_INT >= 27 && Build.VERSION.SDK_INT <= 34
// The kernel running on emulators < API 26 does not play well with
// magic mount. Skip module tests on those legacy platforms.
fun testModules(): Boolean {
return Build.VERSION.SDK_INT >= 26
}
private const val LSPOSED_URL =
"https://github.com/LSPosed/LSPosed/releases/download/v1.9.2/LSPosed-v1.9.2-7024-zygisk-release.zip"
fun lsposed(): Boolean {
return Build.VERSION.SDK_INT in 27..34
}
fun shamiko(): Boolean {
return Build.VERSION.SDK_INT >= 27
}
private const val MODULE_ERROR = "Module zip processing incorrect"
}
object TimberLog : CallbackList<String>(Runnable::run) {
@@ -45,34 +61,125 @@ class Environment : BaseTest {
}
}
private fun checkModuleZip(file: File) {
// Make sure module processing is correct
ZipFile.Builder().setFile(file).get().use { zip ->
val meta = zip.entries
.asSequence()
.filter { it.name.startsWith("META-INF") }
.toMutableList()
assertEquals(MODULE_ERROR, 6, meta.size)
val binary = zip.getInputStream(
zip.getEntry("META-INF/com/google/android/update-binary")
).use { it.readBytes() }
val ref = appContext.assets.open("module_installer.sh").use { it.readBytes() }
assertArrayEquals(MODULE_ERROR, ref, binary)
val script = zip.getInputStream(
zip.getEntry("META-INF/com/google/android/updater-script")
).use { it.readBytes() }
assertArrayEquals(MODULE_ERROR, "#MAGISK\n".toByteArray(), script)
}
}
private fun setupModule01(root: ExtendedFile) {
val error = "test_01 setup failed"
val path = root.getChildFile("test_01")
// Create /system/etc/newfile
val etc = path.getChildFile("system").getChildFile("etc")
assertTrue(error, etc.mkdirs())
assertTrue(error, etc.getChildFile("newfile").createNewFile())
// Delete /system/bin/screenrecord
val bin = path.getChildFile("system").getChildFile("bin")
assertTrue(error, bin.mkdirs())
assertTrue(error, Shell.cmd("mknod $bin/screenrecord c 0 0").exec().isSuccess)
// Create an empty zygisk folder
val module = LocalModule(path)
assertTrue(error, module.zygiskFolder.mkdir())
assertTrue(error, Shell.cmd("set_default_perm $path").exec().isSuccess)
}
private fun setupModule02(root: ExtendedFile) {
val error = "test_02 setup failed"
val path = root.getChildFile("test_02")
// Create invalid zygisk libraries
val module = LocalModule(path)
assertTrue(error, module.zygiskFolder.mkdirs())
assertTrue(error, module.zygiskFolder.getChildFile("armeabi-v7a.so").createNewFile())
assertTrue(error, module.zygiskFolder.getChildFile("arm64-v8a.so").createNewFile())
assertTrue(error, module.zygiskFolder.getChildFile("x86.so").createNewFile())
assertTrue(error, module.zygiskFolder.getChildFile("x86_64.so").createNewFile())
assertTrue(error, Shell.cmd("set_default_perm $path").exec().isSuccess)
}
private fun setupModule03(root: ExtendedFile) {
val error = "test_03 setup failed"
val path = root.getChildFile("test_03")
// Create a new module but mark is as "remove"
val module = LocalModule(path)
assertTrue(error, path.mkdirs())
assertTrue(error, path.getChildFile("service.sh").createNewFile())
module.remove = true
assertTrue(error, Shell.cmd("set_default_perm $path").exec().isSuccess)
}
@Test
fun setupMagisk() {
fun setupEnvironment() {
runBlocking {
assertTrue(
"Magisk setup failed",
MagiskInstaller.Emulator(TimberLog, TimberLog).exec()
)
}
}
@Test
fun setupLsposed() {
assumeTrue(lsposed())
val notify = object : DownloadNotifier {
override val context = this@Environment.context
override val context = appContext
override fun notifyUpdate(id: Int, editor: (Notification.Builder) -> Unit) {}
}
val processor = DownloadProcessor(notify)
val zip = context.cachedFile("lsposed.zip")
val shamiko = appContext.cachedFile("shamiko.zip")
runBlocking {
ServiceLocator.networkService.fetchFile(LSPOSED_URL).byteStream().use {
processor.handleModule(it, zip.toUri())
testContext.assets.open("shamiko.zip").use {
processor.handleModule(it, shamiko.toUri())
}
assertTrue(
"LSPosed installation failed",
FlashZip(zip.toUri(), TimberLog, TimberLog).exec()
)
checkModuleZip(shamiko)
if (shamiko()) {
assertTrue(
"Shamiko installation failed",
FlashZip(shamiko.toUri(), TimberLog, TimberLog).exec()
)
}
}
val lsp = appContext.cachedFile("lsposed.zip")
runBlocking {
testContext.assets.open("lsposed.zip").use {
processor.handleModule(it, lsp.toUri())
}
checkModuleZip(lsp)
if (lsposed()) {
assertTrue(
"LSPosed installation failed",
FlashZip(lsp.toUri(), TimberLog, TimberLog).exec()
)
}
}
if (testModules()) {
val root = RootUtils.fs.getFile(Const.MODULE_PATH)
setupModule01(root)
setupModule02(root)
setupModule03(root)
}
}
@@ -82,7 +189,7 @@ class Environment : BaseTest {
assertTrue(
"App hiding failed",
AppMigration.patchAndHide(
context = context,
context = appContext,
label = "Settings",
pkg = "repackaged.$APP_PACKAGE_NAME"
)
@@ -95,7 +202,7 @@ class Environment : BaseTest {
runBlocking {
assertTrue(
"App restoration failed",
AppMigration.restoreApp(context)
AppMigration.restoreApp(appContext)
)
}
}

1
app/shared/src/main/AndroidManifest.xml
View File

@@ -25,6 +25,7 @@
<application
android:allowBackup="false"
android:enableOnBackInvokedCallback="false"
android:label="Magisk"
android:requestLegacyExternalStorage="true"
android:supportsRtl="true"

8
app/shared/src/main/java/com/topjohnwu/magisk/ProviderInstaller.java
View File

@@ -7,12 +7,12 @@ public class ProviderInstaller {
private static final String GMS_PACKAGE_NAME = "com.google.android.gms";
public static boolean install(Context context) {
public static void install(Context context) {
try {
// Check if gms is a system app
ApplicationInfo appInfo = context.getPackageManager().getApplicationInfo(GMS_PACKAGE_NAME, 0);
if ((appInfo.flags & ApplicationInfo.FLAG_SYSTEM) == 0) {
return false;
return;
}
// Try installing new SSL provider from Google Play Service
@@ -22,9 +22,7 @@ public class ProviderInstaller {
.loadClass("com.google.android.gms.common.security.ProviderInstallerImpl")
.getMethod("insertProvider", Context.class)
.invoke(null, gms);
} catch (Exception e) {
return false;
} catch (Exception ignored) {
}
return true;
}
}

2
app/test/build.gradle.kts
View File

@@ -20,7 +20,7 @@ android {
}
}
setupAppCommon()
setupTestApk()
dependencies {
implementation(libs.test.runner)

232
build.py
View File

@@ -2,7 +2,6 @@
import argparse
import copy
import glob
import lzma
import multiprocessing
import os
import platform
@@ -57,14 +56,6 @@ if is_windows:
if not sys.version_info >= (3, 8):
error("Requires Python 3.8+")
try:
sdk_path = Path(os.environ["ANDROID_HOME"])
except KeyError:
try:
sdk_path = Path(os.environ["ANDROID_SDK_ROOT"])
except KeyError:
error("Please set Android SDK path to environment variable ANDROID_HOME")
cpu_count = multiprocessing.cpu_count()
os_name = platform.system().lower()
@@ -80,17 +71,6 @@ default_targets = {"magisk", "magiskinit", "magiskboot", "magiskpolicy"}
support_targets = default_targets | {"resetprop"}
rust_targets = {"magisk", "magiskinit", "magiskboot", "magiskpolicy"}
# Common paths
ndk_root = sdk_path / "ndk"
ndk_path = ndk_root / "magisk"
ndk_build = ndk_path / "ndk-build"
rust_bin = ndk_path / "toolchains" / "rust" / "bin"
llvm_bin = ndk_path / "toolchains" / "llvm" / "prebuilt" / f"{os_name}-x86_64" / "bin"
cargo = rust_bin / "cargo"
gradlew = Path.cwd() / "gradlew"
adb_path = sdk_path / "platform-tools" / "adb"
native_gen_path = Path("native", "out", "generated").resolve()
# Global vars
config = {}
args = {}
@@ -162,37 +142,22 @@ def cmd_out(cmds: list):
)
def xz(data):
return lzma.compress(data, preset=9, check=lzma.CHECK_NONE)
###############
# Build Native
###############
def clean_elf():
if is_windows:
elf_cleaner = Path("tools", "elf-cleaner.exe")
else:
elf_cleaner = Path("native", "out", "elf-cleaner")
if not elf_cleaner.exists():
execv(
[
"gcc",
'-DPACKAGE_NAME="termux-elf-cleaner"',
'-DPACKAGE_VERSION="2.1.1"',
'-DCOPYRIGHT="Copyright (C) 2022 Termux."',
"tools/termux-elf-cleaner/elf-cleaner.cpp",
"tools/termux-elf-cleaner/arghandling.c",
"-o",
elf_cleaner,
]
)
cmds = [elf_cleaner, "--api-level", "23"]
cargo_toml = Path("tools", "elf-cleaner", "Cargo.toml")
cmds = ["run", "--release", "--manifest-path", cargo_toml]
if args.verbose == 0:
cmds.append("-q")
elif args.verbose > 1:
cmds.append("--verbose")
cmds.append("--")
cmds.extend(glob.glob("native/out/*/magisk"))
cmds.extend(glob.glob("native/out/*/magiskpolicy"))
execv(cmds)
run_cargo(cmds)
def run_ndk_build(cmds: list):
@@ -256,11 +221,11 @@ def build_cpp_src(targets: set):
def run_cargo(cmds):
ensure_paths()
env = os.environ.copy()
env["PATH"] = f'{rust_bin}{os.pathsep}{env["PATH"]}'
env["CARGO_BUILD_RUSTC"] = str(rust_bin / f"rustc{EXE_EXT}")
env["RUSTUP_TOOLCHAIN"] = str(rust_sysroot)
env["CARGO_BUILD_RUSTFLAGS"] = f"-Z threads={min(8, cpu_count)}"
return execv([cargo, *cmds], env)
return execv(["cargo", *cmds], env)
def build_rust_src(targets: set):
@@ -333,6 +298,7 @@ def dump_flag_header():
flag_txt += f'#define MAGISK_VER_CODE {config["versionCode"]}\n'
flag_txt += f"#define MAGISK_DEBUG {0 if args.release else 1}\n"
native_gen_path = Path("native", "out", "generated")
native_gen_path.mkdir(mode=0o755, parents=True, exist_ok=True)
write_if_diff(native_gen_path / "flags.h", flag_txt)
@@ -342,6 +308,8 @@ def dump_flag_header():
def build_native():
ensure_paths()
# Verify NDK install
try:
with open(Path(ndk_path, "ONDK_VERSION"), "r") as ondk_ver:
@@ -401,13 +369,14 @@ def find_jdk():
if no_jdk:
error(
"Please set Android Studio's path to environment variable ANDROID_STUDIO,\n"
+ "or install JDK 17 and make sure 'javac' is available in PATH"
+ "or install JDK 21 and make sure 'javac' is available in PATH"
)
return env
def build_apk(module: str):
ensure_paths()
env = find_jdk()
build_type = "Release" if args.release else "Debug"
@@ -479,6 +448,7 @@ def build_test():
def cleanup():
ensure_paths()
support_targets = {"native", "cpp", "rust", "app"}
if args.targets:
targets = set(args.targets) & support_targets
@@ -503,6 +473,7 @@ def cleanup():
if "native" in targets:
rm_rf(Path("native", "out"))
rm_rf(Path("tools", "elf-cleaner", "target"))
if "app" in targets:
header("* Cleaning app")
@@ -520,6 +491,16 @@ def build_all():
############
def clippy_cli():
args.force_out = True
os.chdir(Path("native", "src"))
cmds = ["clippy", "--no-deps", "--target"]
for triple in build_abis.values():
run_cargo(cmds + [triple])
run_cargo(cmds + [triple, "--release"])
os.chdir(Path("..", ".."))
def cargo_cli():
args.force_out = True
if len(args.commands) >= 1 and args.commands[0] == "--":
@@ -530,6 +511,7 @@ def cargo_cli():
def setup_ndk():
ensure_paths()
ndk_ver = config["ondkVersion"]
url = f"https://github.com/topjohnwu/ondk/releases/download/{ndk_ver}/ondk-{ndk_ver}-{os_name}.tar.xz"
ndk_archive = url.split("/")[-1]
@@ -548,14 +530,54 @@ def setup_ndk():
mv(ondk_path, ndk_path)
def setup_rustup():
wrapper_dir = Path(args.wrapper_dir)
rm_rf(wrapper_dir)
wrapper_dir.mkdir(mode=0o755, parents=True, exist_ok=True)
if "CARGO_HOME" in os.environ:
cargo_home = Path(os.environ["CARGO_HOME"])
else:
cargo_home = Path.home() / ".cargo"
cargo_bin = cargo_home / "bin"
for src in cargo_bin.iterdir():
tgt = wrapper_dir / src.name
tgt.symlink_to(f"rustup{EXE_EXT}")
# Build rustup-wrapper
wrapper_src = Path("tools", "rustup-wrapper")
cargo_toml = wrapper_src / "Cargo.toml"
cmds = ["build", "--release", f"--manifest-path={cargo_toml}"]
if args.verbose > 1:
cmds.append("--verbose")
run_cargo(cmds)
# Replace rustup with wrapper
wrapper = wrapper_dir / (f"rustup{EXE_EXT}")
wrapper.unlink(missing_ok=True)
cp(wrapper_src / "target" / "release" / (f"rustup-wrapper{EXE_EXT}"), wrapper)
wrapper.chmod(0o755)
##################
# AVD and testing
##################
def push_files(script):
if args.build:
build_all()
ensure_adb()
abi = cmd_out([adb_path, "shell", "getprop", "ro.product.cpu.abi"])
if not abi:
error("Cannot detect emulator ABI")
apk = Path(
config["outdir"], ("app-release.apk" if args.release else "app-debug.apk")
)
if args.apk:
apk = Path(args.apk)
else:
apk = Path(
config["outdir"], ("app-release.apk" if args.release else "app-debug.apk")
)
# Extract busybox from APK
busybox = Path(config["outdir"], "busybox")
@@ -577,9 +599,6 @@ def push_files(script):
def setup_avd():
if not args.skip:
build_all()
header("* Setting up emulator")
push_files(Path("scripts", "avd_magisk.sh"))
@@ -590,17 +609,8 @@ def setup_avd():
def patch_avd_file():
if not args.skip:
build_all()
input = Path(args.image)
if args.output:
output = Path(args.output)
else:
output = input.parent / f"{input.name}.magisk"
src_file = f"/data/local/tmp/{input.name}"
out_file = f"{src_file}.magisk"
output = Path(args.output)
header(f"* Patching {input.name}")
@@ -610,6 +620,9 @@ def patch_avd_file():
if proc.returncode != 0:
error("adb push failed!")
src_file = f"/data/local/tmp/{input.name}"
out_file = f"{src_file}.magisk"
proc = execv([adb_path, "shell", "sh", "/data/local/tmp/avd_patch.sh", src_file])
if proc.returncode != 0:
error("avd_patch.sh failed!")
@@ -621,37 +634,47 @@ def patch_avd_file():
header(f"Output: {output}")
def setup_rustup():
wrapper_dir = Path(args.wrapper_dir)
rm_rf(wrapper_dir)
wrapper_dir.mkdir(mode=0o755, parents=True, exist_ok=True)
if "CARGO_HOME" in os.environ:
cargo_home = Path(os.environ["CARGO_HOME"])
else:
cargo_home = Path.home() / ".cargo"
cargo_bin = cargo_home / "bin"
for src in cargo_bin.iterdir():
tgt = wrapper_dir / src.name
tgt.symlink_to(src)
# Build rustup_wrapper
wrapper_src = Path("tools", "rustup_wrapper")
cargo_toml = wrapper_src / "Cargo.toml"
cmds = ["build", "--release", f"--manifest-path={cargo_toml}"]
if args.verbose > 1:
cmds.append("--verbose")
run_cargo(cmds)
# Replace rustup with wrapper
wrapper = wrapper_dir / (f"rustup{EXE_EXT}")
wrapper.unlink(missing_ok=True)
cp(wrapper_src / "target" / "release" / (f"rustup_wrapper{EXE_EXT}"), wrapper)
wrapper.chmod(0o755)
##########################
# Config, paths, argparse
##########################
##################
# Config and args
##################
def ensure_paths():
global sdk_path, ndk_root, ndk_path, ndk_build, rust_sysroot
global llvm_bin, gradlew, adb_path, native_gen_path
# Skip if already initialized
if "sdk_path" in globals():
return
try:
sdk_path = Path(os.environ["ANDROID_HOME"])
except KeyError:
try:
sdk_path = Path(os.environ["ANDROID_SDK_ROOT"])
except KeyError:
error("Please set Android SDK path to environment variable ANDROID_HOME")
ndk_root = sdk_path / "ndk"
ndk_path = ndk_root / "magisk"
ndk_build = ndk_path / "ndk-build"
rust_sysroot = ndk_path / "toolchains" / "rust"
llvm_bin = (
ndk_path / "toolchains" / "llvm" / "prebuilt" / f"{os_name}-x86_64" / "bin"
)
adb_path = sdk_path / "platform-tools" / "adb"
gradlew = Path.cwd() / "gradlew"
# We allow using several functionality with only ADB
def ensure_adb():
global adb_path
if "adb_path" not in globals():
adb_path = shutil.which("adb")
if not adb_path:
error("Command 'adb' cannot be found in PATH")
else:
adb_path = Path(adb_path)
def parse_props(file):
@@ -751,17 +774,19 @@ def parse_args():
ndk_parser = subparsers.add_parser("ndk", help="setup Magisk NDK")
emu_parser = subparsers.add_parser("emulator", help="setup AVD for development")
emu_parser.add_argument("apk", help="a Magisk APK to use", nargs="?")
emu_parser.add_argument(
"-s", "--skip", action="store_true", help="skip building binaries and the app"
"-b", "--build", action="store_true", help="build before patching"
)
avd_patch_parser = subparsers.add_parser(
"avd_patch", help="patch AVD ramdisk.img or init_boot.img"
)
avd_patch_parser.add_argument("image", help="path to ramdisk.img or init_boot.img")
avd_patch_parser.add_argument("output", help="optional output file name", nargs="?")
avd_patch_parser.add_argument("output", help="output file name")
avd_patch_parser.add_argument("--apk", help="a Magisk APK to use")
avd_patch_parser.add_argument(
"-s", "--skip", action="store_true", help="skip building binaries and the app"
"-b", "--build", action="store_true", help="build before patching"
)
cargo_parser = subparsers.add_parser(
@@ -769,6 +794,8 @@ def parse_args():
)
cargo_parser.add_argument("commands", nargs=argparse.REMAINDER)
clippy_parser = subparsers.add_parser("clippy", help="run clippy on Rust sources")
rustup_parser = subparsers.add_parser("rustup", help="setup rustup wrapper")
rustup_parser.add_argument(
"wrapper_dir", help="path to setup rustup wrapper binaries"
@@ -778,6 +805,7 @@ def parse_args():
all_parser.set_defaults(func=build_all)
native_parser.set_defaults(func=build_native)
cargo_parser.set_defaults(func=cargo_cli)
clippy_parser.set_defaults(func=clippy_cli)
rustup_parser.set_defaults(func=setup_rustup)
app_parser.set_defaults(func=build_app)
stub_parser.set_defaults(func=build_stub)
@@ -794,7 +822,13 @@ def parse_args():
return parser.parse_args()
args = parse_args()
load_config()
vars(args)["force_out"] = False
args.func()
def main():
global args
args = parse_args()
load_config()
vars(args)["force_out"] = False
args.func()
if __name__ == "__main__":
main()

76
buildSrc/src/main/java/Setup.kt
View File

@@ -71,10 +71,10 @@ private val Project.androidComponents
fun Project.setupCommon() {
androidBase {
compileSdkVersion(35)
buildToolsVersion = "35.0.1"
compileSdkVersion(36)
buildToolsVersion = "36.0.0"
ndkPath = "$sdkDirectory/ndk/magisk"
ndkVersion = "28.0.12674087"
ndkVersion = "29.0.13113456"
defaultConfig {
minSdk = 23
@@ -115,6 +115,27 @@ fun Project.setupCommon() {
}
}
private fun Project.downloadFile(url: String, checksum: String): File {
val file = layout.buildDirectory.file(checksum).get().asFile
if (file.exists()) {
val md = MessageDigest.getInstance("SHA-256")
file.inputStream().use { md.update(it.readAllBytes()) }
val hash = HexFormat.of().formatHex(md.digest())
if (hash != checksum) {
file.delete()
}
}
if (!file.exists()) {
file.parentFile.mkdirs()
URI(url).toURL().openStream().use { dl ->
file.outputStream().use {
dl.copyTo(it)
}
}
}
return file
}
const val BUSYBOX_DOWNLOAD_URL =
"https://github.com/topjohnwu/magisk-files/releases/download/files/busybox-1.36.1.1.zip"
const val BUSYBOX_ZIP_CHECKSUM =
@@ -144,24 +165,7 @@ fun Project.setupCoreLib() {
val downloadBusybox by tasks.registering(Copy::class) {
dependsOn(syncLibs)
val bb = layout.buildDirectory.file(BUSYBOX_ZIP_CHECKSUM).get().asFile
if (bb.exists()) {
val md = MessageDigest.getInstance("SHA-256")
bb.inputStream().use { md.update(it.readAllBytes()) }
val hash = HexFormat.of().formatHex(md.digest())
if (hash != BUSYBOX_ZIP_CHECKSUM) {
bb.delete()
}
}
if (!bb.exists()) {
bb.parentFile.mkdirs()
URI(BUSYBOX_DOWNLOAD_URL).toURL().openStream().use { dl ->
bb.outputStream().use {
dl.copyTo(it)
}
}
}
from(zipTree(bb))
from(zipTree(downloadFile(BUSYBOX_DOWNLOAD_URL, BUSYBOX_ZIP_CHECKSUM)))
include(abiList.map { "$it/libbusybox.so" })
into("src/main/jniLibs")
}
@@ -298,7 +302,7 @@ fun Project.setupAppCommon() {
}
defaultConfig {
targetSdk = 35
targetSdk = 36
proguardFiles(
getDefaultProguardFile("proguard-android-optimize.txt")
)
@@ -462,3 +466,31 @@ fun Project.setupStubApk() {
delete.addAll(listOf("src/debug/AndroidManifest.xml", "src/release/AndroidManifest.xml"))
}
}
const val LSPOSED_DOWNLOAD_URL =
"https://github.com/LSPosed/LSPosed/releases/download/v1.9.2/LSPosed-v1.9.2-7024-zygisk-release.zip"
const val LSPOSED_CHECKSUM =
"0ebc6bcb465d1c4b44b7220ab5f0252e6b4eb7fe43da74650476d2798bb29622"
const val SHAMIKO_DOWNLOAD_URL =
"https://github.com/LSPosed/LSPosed.github.io/releases/download/shamiko-383/Shamiko-v1.2.1-383-release.zip"
const val SHAMIKO_CHECKSUM =
"93754a038c2d8f0e985bad45c7303b96f70a93d8335060e50146f028d3a9b13f"
fun Project.setupTestApk() {
setupAppCommon()
androidApp.applicationVariants.all {
val variantCapped = name.replaceFirstChar { it.uppercase() }
val dlTask by tasks.register("download${variantCapped}Lsposed", Sync::class) {
from(downloadFile(LSPOSED_DOWNLOAD_URL, LSPOSED_CHECKSUM)) {
rename { "lsposed.zip" }
}
from(downloadFile(SHAMIKO_DOWNLOAD_URL, SHAMIKO_CHECKSUM)) {
rename { "shamiko.zip" }
}
into("src/${this@all.name}/assets")
}
mergeAssetsProvider.configure { dependsOn(dlTask) }
}
}

9
docs/build.md
View File

@@ -40,12 +40,9 @@
### Developing Rust
The Magisk NDK package [ONDK](https://github.com/topjohnwu/ondk) (the one installed with `./build.py ndk`) bundles a complete Rust toolchain, so _building_ the Magisk project itself does not require any further configuration. However, if you'd like to work on the Rust codebase with proper support, you'd need some setup as most development tools are built around `rustup`.
First, install [rustup](https://www.rust-lang.org/tools/install), the official Rust toolchain manager. The Magisk NDK package [ONDK](https://github.com/topjohnwu/ondk) (the one installed with `./build.py ndk`) bundles a complete Rust toolchain, so _building_ the Magisk project itself does not require any further configuration.
Let's first setup `rustup` to use our custom ONDK Rust toolchain by default:
- Install [rustup](https://rustup.rs/), the official Rust toolchain manager
- Link the ONDK Rust toolchain and set it as default:
However, if you'd like to work on the Rust codebase, it'll be easier if you link ONDK's Rust toolchain in `rustup` and set it as default so several development tools and IDEs will work properly:
```bash
# Link the ONDK toolchain with the name "magisk"
@@ -54,7 +51,7 @@ rustup toolchain link magisk "$ANDROID_HOME/ndk/magisk/toolchains/rust"
rustup default magisk
```
If you plan to use VSCode, you can then install the [rust-analyzer](https://marketplace.visualstudio.com/items?itemName=rust-lang.rust-analyzer) plugin and everything should be good to go. If you plan to use Jetbrain IDEs (e.g. [Rustrover](https://www.jetbrains.com/rust/), or its Rust Plugin), due to its poor support with custom toolchains, we need some additional setup:
If you plan to use VSCode, you can then install the [rust-analyzer](https://marketplace.visualstudio.com/items?itemName=rust-lang.rust-analyzer) plugin and everything should be good to go. If you plan to use Jetbrain IDEs (e.g. [Rustrover](https://www.jetbrains.com/rust/), or its Rust Plugin), we need some additional setup:
- Install the official nightly toolchain and add some components. We won't actually use the nightly toolchain for anything other than tricking the IDE to cooperate; the magic happens in the wrapper we setup in the next step.

13
docs/faq.md
View File

@@ -7,9 +7,10 @@ If you have USB debugging enabled in developer options, connect your phone to th
If unfortunately you do not have USB debugging enabled you can boot using the Safe Mode key combo to cause Magisk to create an empty file named 'disable' in modules directories which disables modules when next booted with Magisk. Most modern Android devices support such a special key combo at boot to enter system Safe Mode as an emergency option, but **please note** that Magisk's key combo detection occurs _earlier_ than system detection so the key combo timing indicated by many online guides may need to be altered to activate Magisk's Safe Mode. (It's possible to activate system Safe Mode but not Magisk Safe Mode and vice versa.)
The following details should ensure that modules are properly disabled:
1) Many online guides for entering Safe Mode say 'When the animated logo appears, press and hold the volume down button until the system boots' or similar. This may actually be _too late_ for Magisk detection however and result in activating system Safe Mode but modules are not disabled.
2) By pressing the volume down button some seconds before the animation and releasing it as soon as the boot animation appears, Magisk's Safe Mode should be activated without activating system Safe Mode (thus avoiding disabling other device and app settings) and the device should then simply boot to normal system with modules disabled.
3) By pressing the volume down button some seconds before the animation and holding it until the system boots, both Magisk's Safe Mode and system Safe Mode should be activated. Next, after booting back to normal system, modules will be disabled.
1. Many online guides for entering Safe Mode say 'When the animated logo appears, press and hold the volume down button until the system boots' or similar. This may actually be _too late_ for Magisk detection however and result in activating system Safe Mode but modules are not disabled.
2. By pressing the volume down button some seconds before the animation and releasing it as soon as the boot animation appears, Magisk's Safe Mode should be activated without activating system Safe Mode (thus avoiding disabling other device and app settings) and the device should then simply boot to normal system with modules disabled.
3. By pressing the volume down button some seconds before the animation and holding it until the system boots, both Magisk's Safe Mode and system Safe Mode should be activated. Next, after booting back to normal system, modules will be disabled.
### Q: Why is X app detecting root?
@@ -20,3 +21,9 @@ Magisk no longer handles root hiding. There are plenty of Magisk/Zygisk modules
When hiding the Magisk app, it will install a "stub" APK that has nothing in it. The only functionality this stub app has is downloading the full Magisk app APK into its internal storage and dynamically loading it. Due to the fact that the APK is literally _empty_, it does not contain the image resource for the app icon.
When you open the hidden Magisk app, it will offer you the option to create a shortcut in the homescreen (which has both the correct app name and icon) for your convenience. You can also manually ask the app to create the icon in app settings.
### Q: How to use Magisk in the emulator?
With the emulator running and accessible via ADB, run `./build.py emulator <path to Magisk APK>` to temporarily install Magisk on to the emulator. The patch is not persistent, meaning Magisk will be lost after a reboot, so re-execute the script to emulate a reboot if required.
The script is only tested on the official Android Virtual Device (AVD) shipped alongside Android Studio; other emulators may work, but the emulator must have SELinux enabled.

4
docs/install.md
View File

@@ -76,7 +76,7 @@ As a summary, after installing Magisk in recovery **(starting from power off)**:
Before proceeding, please acknowledge that:
- Installing Magisk **WILL** trip your Knox Warranty Bit, this action is not reversible in any way.
- Installing Magisk for the first time **REQUIRES** a full data wipe (this is **NOT** counting the data wipe when unlocking bootloader). Please make a backup your data.
- Installing Magisk for the first time **REQUIRES** a full data wipe (this is **NOT** counting the data wipe when unlocking bootloader). Please make a backup of your data.
### Flashing Tools
@@ -86,7 +86,7 @@ Before proceeding, please acknowledge that:
### Requirements
To verify whether or not Magisk can be installed in your Samsung device, you first must check the OEM Lock and KnoxGuard (RMM) status, to do so boot your device in Download mode with its key combo.
To verify whether or not Magisk can be installed in your Samsung device, you first must check the OEM Lock and KnoxGuard (RMM) status. To do so, boot your device in Download mode with its key combo.
Possible OEM Lock values are the following:
- **ON (L)**: fully locked.

4
gradle.properties
View File

@@ -30,5 +30,5 @@ android.nonFinalResIds=false
# Magisk
magisk.stubVersion=40
magisk.versionCode=28102
magisk.ondkVersion=r28.2
magisk.versionCode=28104
magisk.ondkVersion=r29.1

6
gradle/libs.versions.toml
View File

@@ -1,7 +1,7 @@
[versions]
kotlin = "2.1.0"
android = "8.8.0"
ksp = "2.1.0-1.0.29"
kotlin = "2.1.20"
android = "8.9.1"
ksp = "2.1.20-1.0.31"
rikka = "1.3.0"
navigation = "2.8.4"
libsu = "6.0.0"

2
gradle/wrapper/gradle-wrapper.properties vendored
View File

@@ -1,6 +1,6 @@
distributionBase=GRADLE_USER_HOME
distributionPath=wrapper/dists
distributionUrl=https\://services.gradle.org/distributions/gradle-8.12-bin.zip
distributionUrl=https\://services.gradle.org/distributions/gradle-8.13-bin.zip
networkTimeout=10000
validateDistributionUrl=true
zipStoreBase=GRADLE_USER_HOME

2
native/src/.cargo/config.toml
View File

@@ -8,5 +8,5 @@ target-dir = "../out/rust"
[unstable]
build-std = ["std", "panic_abort"]
build-std-features = ["panic_immediate_abort"]
build-std-features = ["panic_immediate_abort", "optimize_for_size"]
profile-rustflags = true

14
native/src/Android.mk
View File

@@ -18,10 +18,7 @@ LOCAL_SRC_FILES := \
core/applets.cpp \
core/magisk.cpp \
core/daemon.cpp \
core/bootstages.cpp \
core/socket.cpp \
core/scripting.cpp \
core/selinux.cpp \
core/sqlite.cpp \
core/module.cpp \
core/thread.cpp \
@@ -29,10 +26,7 @@ LOCAL_SRC_FILES := \
core/resetprop/resetprop.cpp \
core/su/su.cpp \
core/su/connect.cpp \
core/su/pts.cpp \
core/su/su_daemon.cpp \
core/zygisk/entry.cpp \
core/zygisk/main.cpp \
core/zygisk/module.cpp \
core/zygisk/hook.cpp \
core/deny/cli.cpp \
@@ -67,18 +61,16 @@ LOCAL_STATIC_LIBRARIES := \
libinit-rs
LOCAL_SRC_FILES := \
init/init.cpp \
init/mount.cpp \
init/rootdir.cpp \
init/getinfo.cpp \
init/twostage.cpp \
init/selinux.cpp \
init/init-rs.cpp
LOCAL_LDFLAGS := -static
ifdef B_CRT0
LOCAL_STATIC_LIBRARIES += crt0
LOCAL_LDFLAGS += -Wl,--defsym=vfprintf=tiny_vfprintf
endif
include $(BUILD_EXECUTABLE)
@@ -93,8 +85,6 @@ LOCAL_STATIC_LIBRARIES := \
libbase \
liblzma \
liblz4 \
libbz2 \
libz \
libzopfli \
libboot-rs
@@ -125,8 +115,6 @@ LOCAL_STATIC_LIBRARIES := \
libpolicy \
libpolicy-rs
LOCAL_SRC_FILES := sepolicy/main.cpp
include $(BUILD_EXECUTABLE)
endif

1
native/src/Application.mk
View File

@@ -5,7 +5,6 @@ APP_STL := none
APP_PLATFORM := android-23
APP_THIN_ARCHIVE := true
APP_STRIP_MODE := none
APP_SUPPORT_FLEXIBLE_PAGE_SIZES := true
ifdef MAGISK_DEBUG

321
native/src/Cargo.lock generated
View File

@@ -10,17 +10,20 @@ checksum = "55cc3b69f167a1ef2e161439aa98aed94e6028e5f9a59be9a6ffb47aef1651f9"
[[package]]
name = "argh"
version = "0.1.12"
source = "git+https://github.com/google/argh.git?rev=1c632b046d084e7bde86b82dfc969b30b4647c8c#1c632b046d084e7bde86b82dfc969b30b4647c8c"
version = "0.1.13"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "34ff18325c8a36b82f992e533ece1ec9f9a9db446bd1c14d4f936bac88fcd240"
dependencies = [
"argh_derive",
"argh_shared",
"rust-fuzzy-search",
]
[[package]]
name = "argh_derive"
version = "0.1.12"
source = "git+https://github.com/google/argh.git?rev=1c632b046d084e7bde86b82dfc969b30b4647c8c#1c632b046d084e7bde86b82dfc969b30b4647c8c"
version = "0.1.13"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "adb7b2b83a50d329d5d8ccc620f5c7064028828538bdf5646acd60dc1f767803"
dependencies = [
"argh_shared",
"proc-macro2",
@@ -30,11 +33,9 @@ dependencies = [
[[package]]
name = "argh_shared"
version = "0.1.12"
source = "git+https://github.com/google/argh.git?rev=1c632b046d084e7bde86b82dfc969b30b4647c8c#1c632b046d084e7bde86b82dfc969b30b4647c8c"
dependencies = [
"serde",
]
version = "0.1.13"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "a464143cc82dedcdc3928737445362466b7674b5db4e2eb8e869846d6d84f4f6"
[[package]]
name = "autocfg"
@@ -66,9 +67,9 @@ checksum = "4c7f02d4ea65f2c1853089ffd8d2787bdbc63de2f0d29dedbcf8ccdfa0ccd4cf"
[[package]]
name = "base64ct"
version = "1.6.0"
version = "1.7.3"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "8c3c1a368f70d6cf7302d78f8f7093da241fb8e8807c05cc9e51a125895a6d5b"
checksum = "89e25b6adfb930f02d1981565a6e5d9c547ac15a96606256d3b59040e5cd4ca3"
[[package]]
name = "bit-set"
@@ -96,18 +97,18 @@ dependencies = [
[[package]]
name = "bytemuck"
version = "1.20.0"
version = "1.22.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "8b37c88a63ffd85d15b406896cc343916d7cf57838a847b3a6f2ca5d39a5695a"
checksum = "b6b1fc10dbac614ebc03540c9dbd60e83887fda27794998c6528f1782047d540"
dependencies = [
"bytemuck_derive",
]
[[package]]
name = "bytemuck_derive"
version = "1.8.0"
version = "1.9.3"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "bcfcc3cd946cb52f0bbfdbbcfa2f4e24f75ebb6c0e1002f7c25904fada18b9ec"
checksum = "7ecc273b49b3205b83d648f0690daa588925572cc5063745bfe547fe7ec8e1a1"
dependencies = [
"proc-macro2",
"quote",
@@ -122,9 +123,9 @@ checksum = "1fd0f2584146f6f2ef48085050886acf353beff7305ebd1ae69500e27c67f64b"
[[package]]
name = "cc"
version = "1.2.3"
version = "1.2.19"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "27f657647bcff5394bf56c7317665bbf790a137a50eaaa5c6bfbb9e27a518f2d"
checksum = "8e3a13707ac958681c13b39b458c073d0d9bc8a22cb1b2f4c8e55eb72c13f362"
dependencies = [
"shlex",
]
@@ -137,18 +138,18 @@ checksum = "baf1de4339761588bc0619e3cbc0120ee582ebb74b53b4efbf79117bd2da40fd"
[[package]]
name = "clap"
version = "4.5.23"
version = "4.5.35"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "3135e7ec2ef7b10c6ed8950f0f792ed96ee093fa088608f1c76e569722700c84"
checksum = "d8aa86934b44c19c50f87cc2790e19f54f7a67aedb64101c2e1a2e5ecfb73944"
dependencies = [
"clap_builder",
]
[[package]]
name = "clap_builder"
version = "4.5.23"
version = "4.5.35"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "30582fc632330df2bd26877bde0c1f4470d57c582bbc070376afcd04d8cb4838"
checksum = "2414dbb2dd0695280da6ea9261e327479e9d37b0630f6b53ba2a11c60c679fd9"
dependencies = [
"anstyle",
"clap_lex",
@@ -173,9 +174,9 @@ dependencies = [
[[package]]
name = "const-oid"
version = "0.10.0-rc.3"
version = "0.10.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "68ff6be19477a1bd5441f382916a89bc2a0b2c35db6d41e0f6e8538bf6d6463f"
checksum = "0dabb6555f92fb9ee4140454eb5dcd14c7960e1225c6d1a6cc361f032947713e"
[[package]]
name = "const_format"
@@ -199,22 +200,23 @@ dependencies = [
[[package]]
name = "cpufeatures"
version = "0.2.16"
version = "0.2.17"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "16b80225097f2e5ae4e7179dd2266824648f3e2f49d9134d584b76389d31c4c3"
checksum = "59ed5838eebb26a2bb2e58f6d5b5316989ae9d08bab10e0e6d103e656d1b0280"
dependencies = [
"libc",
]
[[package]]
name = "crypto-bigint"
version = "0.6.0-rc.6"
version = "0.6.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "d748d1f5b807ee6d0df5a548d0130417295c3aaed1dcbbb3d6a2e7106e11fcca"
checksum = "96272c2ff28b807e09250b180ad1fb7889a3258f7455759b5c3c58b719467130"
dependencies = [
"hybrid-array",
"num-traits",
"rand_core",
"serdect",
"subtle",
"zeroize",
]
@@ -230,9 +232,19 @@ dependencies = [
"rand_core",
]
[[package]]
name = "crypto-primes"
version = "0.6.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "2acbaf157961745008b5a80ee1cc974150691304fe9177edf69747142bfd9878"
dependencies = [
"crypto-bigint",
"rand_core",
]
[[package]]
name = "cxx"
version = "1.0.133"
version = "1.0.137"
dependencies = [
"cc",
"cxxbridge-cmd",
@@ -243,7 +255,7 @@ dependencies = [
[[package]]
name = "cxx-gen"
version = "0.7.133"
version = "0.7.137"
dependencies = [
"codespan-reporting",
"proc-macro2",
@@ -253,7 +265,7 @@ dependencies = [
[[package]]
name = "cxxbridge-cmd"
version = "1.0.133"
version = "1.0.137"
dependencies = [
"clap",
"codespan-reporting",
@@ -264,11 +276,11 @@ dependencies = [
[[package]]
name = "cxxbridge-flags"
version = "1.0.133"
version = "1.0.137"
[[package]]
name = "cxxbridge-macro"
version = "1.0.133"
version = "1.0.137"
dependencies = [
"proc-macro2",
"quote",
@@ -300,6 +312,15 @@ dependencies = [
"syn",
]
[[package]]
name = "derive"
version = "0.0.0"
dependencies = [
"proc-macro2",
"quote",
"syn",
]
[[package]]
name = "digest"
version = "0.11.0-pre.9"
@@ -355,9 +376,9 @@ checksum = "784a4df722dc6267a04af36895398f59d21d07dce47232adf31ec0ff2fa45e67"
[[package]]
name = "ff"
version = "0.13.0"
version = "0.13.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "ded41244b729663b1e574f1b4fb731469f69f79c17667b5d776b16cda0479449"
checksum = "c0b50bfb653653f9ca9095b427bed08ab8d75a137839d9ad64eb11810d5b6393"
dependencies = [
"rand_core",
"subtle",
@@ -365,15 +386,15 @@ dependencies = [
[[package]]
name = "flagset"
version = "0.4.6"
version = "0.4.7"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "b3ea1ec5f8307826a5b71094dd91fc04d4ae75d5709b20ad351c7fb4815c86ec"
checksum = "b7ac824320a75a52197e8f2d787f6a38b6718bb6897a35142d749af3c0e8f4fe"
[[package]]
name = "foldhash"
version = "0.1.3"
version = "0.1.5"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "f81ec6369c545a7d40e4589b5597581fa1c441fe1cce96dd1de43159910a36a2"
checksum = "d9c4f5dac5e15c24eb999c26181a6ca40b39fe946cbe4c263c7209467bc83af2"
[[package]]
name = "getrandom"
@@ -426,31 +447,34 @@ dependencies = [
]
[[package]]
name = "lazy_static"
version = "1.5.0"
name = "libbz2-rs-sys"
version = "0.1.3"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "bbd2bcb4c963f2ddae06a2efc7e9f3591312473c50c6685e1f298068316e66fe"
checksum = "0864a00c8d019e36216b69c2c4ce50b83b7bd966add3cf5ba554ec44f8bebcf5"
dependencies = [
"spin",
"libc",
]
[[package]]
name = "libc"
version = "0.2.168"
version = "0.2.171"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "5aaeb2981e0606ca11d79718f8bb01164f1d6ed75080182d3abf017e6d244b6d"
checksum = "c19937216e9d3aa9956d9bb8dfc0b0c8beb6058fc4f7a4dc4d850edf86a237d6"
[[package]]
name = "libm"
version = "0.2.11"
name = "libz-rs-sys"
version = "0.5.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "8355be11b20d696c8f18f6cc018c4e372165b1fa8126cef092399c9951984ffa"
checksum = "6489ca9bd760fe9642d7644e827b0c9add07df89857b0416ee15c1cc1a3b8c5a"
dependencies = [
"zlib-rs",
]
[[package]]
name = "log"
version = "0.4.22"
version = "0.4.27"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "a7a70ba024b9dc04c27ea2f0c0548feb474ec5c54bba33a7f72f873a39d07b24"
checksum = "13dc2df351e3202783a1fe0d44375f7295ffb4049267b0f3018346dc122a1d94"
[[package]]
name = "magisk"
@@ -461,6 +485,7 @@ dependencies = [
"bytemuck",
"cxx",
"cxx-gen",
"derive",
"num-derive",
"num-traits",
"pb-rs",
@@ -474,6 +499,7 @@ version = "0.0.0"
dependencies = [
"argh",
"base",
"block-buffer",
"bytemuck",
"byteorder",
"cxx",
@@ -481,6 +507,8 @@ dependencies = [
"der",
"digest",
"fdt",
"libbz2-rs-sys",
"libz-rs-sys",
"num-traits",
"p256",
"p384",
@@ -488,6 +516,7 @@ dependencies = [
"pb-rs",
"quick-protobuf",
"rsa",
"sec1",
"sha1",
"sha2",
"size",
@@ -508,6 +537,7 @@ dependencies = [
name = "magiskpolicy"
version = "0.0.0"
dependencies = [
"argh",
"base",
"cxx",
"cxx-gen",
@@ -535,23 +565,6 @@ dependencies = [
"minimal-lexical",
]
[[package]]
name = "num-bigint-dig"
version = "0.8.4"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "dc84195820f291c7697304f3cbdadd1cb7199c0efc917ff5eafd71225c136151"
dependencies = [
"byteorder",
"lazy_static",
"libm",
"num-integer",
"num-iter",
"num-traits",
"rand",
"smallvec",
"zeroize",
]
[[package]]
name = "num-derive"
version = "0.4.2"
@@ -563,26 +576,6 @@ dependencies = [
"syn",
]
[[package]]
name = "num-integer"
version = "0.1.46"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "7969661fd2958a5cb096e56c8e1ad0444ac2bbcd0061bd28660485a44879858f"
dependencies = [
"num-traits",
]
[[package]]
name = "num-iter"
version = "0.1.45"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "1429034a0490724d0075ebb2bc9e875d6503c3cf69e235a8941aa757d83ef5bf"
dependencies = [
"autocfg",
"num-integer",
"num-traits",
]
[[package]]
name = "num-traits"
version = "0.2.19"
@@ -590,7 +583,6 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "071dfc062690e90b734c0b2273ce72ad0ffa95f0c74596bc250dcfd960262841"
dependencies = [
"autocfg",
"libm",
]
[[package]]
@@ -635,7 +627,7 @@ dependencies = [
[[package]]
name = "pb-rs"
version = "0.10.0"
source = "git+https://github.com/tafia/quick-protobuf.git?rev=2f37d5a65504de7d716b5b28fd82219501a901a9#2f37d5a65504de7d716b5b28fd82219501a901a9"
source = "git+https://github.com/tafia/quick-protobuf.git#54e7d6c5d981c6f7cec2e9a2167c10ed0f9392b4"
dependencies = [
"log",
"nom",
@@ -663,23 +655,14 @@ dependencies = [
[[package]]
name = "pkcs8"
version = "0.11.0-rc.1"
version = "0.11.0-rc.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "eacd2c7141f32aef1cfd1ad0defb5287a3d94592d7ab57c1ae20e3f9f1f0db1f"
checksum = "f22636de7c995e997ed3d8d2949b7414d4faba3efa7312a6c0e75d875a14bdd4"
dependencies = [
"der",
"spki",
]
[[package]]
name = "ppv-lite86"
version = "0.2.20"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "77957b295656769bb8ad2b6a6b09d897d94f05c41b069aede1fcdaa675eaea04"
dependencies = [
"zerocopy",
]
[[package]]
name = "primefield"
version = "0.14.0-pre.0"
@@ -697,9 +680,9 @@ dependencies = [
[[package]]
name = "proc-macro2"
version = "1.0.92"
version = "1.0.94"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "37d3544b3f2748c54e147655edb5025752e2303145b5aefb3c3ea2c78b973bb0"
checksum = "a31971752e70b8b2686d7e46ec17fb38dad4051d94024c88df49b667caea9c84"
dependencies = [
"unicode-ident",
]
@@ -707,40 +690,20 @@ dependencies = [
[[package]]
name = "quick-protobuf"
version = "0.8.1"
source = "git+https://github.com/tafia/quick-protobuf.git?rev=2f37d5a65504de7d716b5b28fd82219501a901a9#2f37d5a65504de7d716b5b28fd82219501a901a9"
source = "git+https://github.com/tafia/quick-protobuf.git#54e7d6c5d981c6f7cec2e9a2167c10ed0f9392b4"
dependencies = [
"byteorder",
]
[[package]]
name = "quote"
version = "1.0.37"
version = "1.0.40"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "b5b9d34b8991d19d98081b46eacdd8eb58c6f2b201139f7c5f643cc155a633af"
checksum = "1885c039570dc00dcb4ff087a89e185fd56bae234ddc7f056a945bf36467248d"
dependencies = [
"proc-macro2",
]
[[package]]
name = "rand"
version = "0.8.5"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "34af8d1a0e25924bc5b7c43c079c942339d8f0a8b57c39049bef581b46327404"
dependencies = [
"rand_chacha",
"rand_core",
]
[[package]]
name = "rand_chacha"
version = "0.3.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "e6c10a63a0fa32252be49d21e7709d4d4baf8d231c2dbce1eaa8141b9b127d88"
dependencies = [
"ppv-lite86",
"rand_core",
]
[[package]]
name = "rand_core"
version = "0.6.4"
@@ -762,15 +725,14 @@ dependencies = [
[[package]]
name = "rsa"
version = "0.10.0-pre.3"
version = "0.10.0-pre.4"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "07058e83b684989ab0559f9e22322f4e3f7e49147834ed0bae40486b9e70473c"
checksum = "e82e90f434676d49758cab5b3ff2cc1fd8f12bf7d79b70c6088bc5a4e7c63270"
dependencies = [
"const-oid",
"crypto-bigint",
"crypto-primes",
"digest",
"num-bigint-dig",
"num-integer",
"num-traits",
"pkcs1",
"pkcs8",
"rand_core",
@@ -782,10 +744,16 @@ dependencies = [
]
[[package]]
name = "rustversion"
version = "1.0.18"
name = "rust-fuzzy-search"
version = "0.1.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "0e819f2bc632f285be6d7cd36e25940d45b2391dd6d9b939e79de557f7014248"
checksum = "a157657054ffe556d8858504af8a672a054a6e0bd9e8ee531059100c0fa11bb2"
[[package]]
name = "rustversion"
version = "1.0.20"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "eded382c5f5f786b989652c49544c4877d9f015cc22e145a5ea8ea66c2921cd2"
[[package]]
name = "sec1"
@@ -803,24 +771,34 @@ dependencies = [
[[package]]
name = "serde"
version = "1.0.215"
version = "1.0.219"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "6513c1ad0b11a9376da888e3e0baa0077f1aed55c17f50e7b2397136129fb88f"
checksum = "5f0e2c6ed6606019b4e29e69dbaba95b11854410e5347d525002456dbbb786b6"
dependencies = [
"serde_derive",
]
[[package]]
name = "serde_derive"
version = "1.0.215"
version = "1.0.219"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "ad1e866f866923f252f05c889987993144fb74e722403468a4ebd70c3cd756c0"
checksum = "5b0276cf7f2c73365f7157c8123c21cd9a50fbbd844757af28ca1f5925fc2a00"
dependencies = [
"proc-macro2",
"quote",
"syn",
]
[[package]]
name = "serdect"
version = "0.3.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "f42f67da2385b51a5f9652db9c93d78aeaf7610bf5ec366080b6de810604af53"
dependencies = [
"base16ct",
"serde",
]
[[package]]
name = "sha1"
version = "0.11.0-pre.4"
@@ -861,21 +839,9 @@ dependencies = [
[[package]]
name = "size"
version = "0.4.1"
version = "0.5.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "9fed904c7fb2856d868b92464fc8fa597fce366edea1a9cbfaa8cb5fe080bd6d"
[[package]]
name = "smallvec"
version = "1.13.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "3c5e1a9a646d36c3599cd173a41282daf47c44583ad367b8e6837255952e5c67"
[[package]]
name = "spin"
version = "0.9.8"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "6980e8d7511241f8acf4aebddbb1ff938df5eebe98691418c4468d0b72a96a67"
checksum = "1b6709c7b6754dca1311b3c73e79fcce40dd414c782c66d88e8823030093b02b"
[[package]]
name = "spki"
@@ -901,9 +867,9 @@ checksum = "13c2bddecc57b384dee18652358fb23172facb8a2c51ccc10d74c157bdea3292"
[[package]]
name = "syn"
version = "2.0.90"
version = "2.0.100"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "919d3b74a5dd0ccd15aeb8f93e7006bd9e14c295087c9896a110f490752bcf31"
checksum = "b09a44accad81e1ba1cd74a32461ba89dee89095ba17b32f5d03683b1b1fc2a0"
dependencies = [
"proc-macro2",
"quote",
@@ -921,18 +887,18 @@ dependencies = [
[[package]]
name = "thiserror"
version = "2.0.6"
version = "2.0.12"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "8fec2a1820ebd077e2b90c4df007bebf344cd394098a13c563957d0afc83ea47"
checksum = "567b8a2dae586314f7be2a752ec7474332959c6460e02bde30d702a66d488708"
dependencies = [
"thiserror-impl",
]
[[package]]
name = "thiserror-impl"
version = "2.0.6"
version = "2.0.12"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "d65750cab40f4ff1929fb1ba509e9914eb756131cef4210da8d5d700d26f6312"
checksum = "7f7cf42b4507d8ea322120659672cf1b9dbb93f8f2d4ecfd6e51350ff5b17a1d"
dependencies = [
"proc-macro2",
"quote",
@@ -941,9 +907,9 @@ dependencies = [
[[package]]
name = "tls_codec"
version = "0.4.1"
version = "0.4.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "b5e78c9c330f8c85b2bae7c8368f2739157db9991235123aa1b15ef9502bfb6a"
checksum = "0de2e01245e2bb89d6f05801c564fa27624dbd7b1846859876c7dad82e90bf6b"
dependencies = [
"tls_codec_derive",
"zeroize",
@@ -951,9 +917,9 @@ dependencies = [
[[package]]
name = "tls_codec_derive"
version = "0.4.1"
version = "0.4.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "8d9ef545650e79f30233c0003bcc2504d7efac6dad25fca40744de773fe2049c"
checksum = "2d2e76690929402faae40aebdda620a2c0e25dd6d3b9afe48867dfd95991f4bd"
dependencies = [
"proc-macro2",
"quote",
@@ -962,15 +928,15 @@ dependencies = [
[[package]]
name = "typenum"
version = "1.17.0"
version = "1.18.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "42ff0bf0c66b8238c6f3b578df37d0b7848e55df8577b3f74f92a69acceeb825"
checksum = "1dccffe3ce07af9386bfd29e80c0ab1a8205a2fc34e4bcd40364df902cfa8f3f"
[[package]]
name = "unicode-ident"
version = "1.0.14"
version = "1.0.18"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "adb9e6ca4f869e1180728b7950e35922a7fc6397f7b641499e8f3ef06e50dc83"
checksum = "5a5f39404a5da50712a4c1eecf25e90dd62b613502b7e925fd4e4d19b5c96512"
[[package]]
name = "unicode-width"
@@ -1084,27 +1050,6 @@ dependencies = [
"tls_codec",
]
[[package]]
name = "zerocopy"
version = "0.7.35"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "1b9b4fd18abc82b8136838da5d50bae7bdea537c574d8dc1a34ed098d6c166f0"
dependencies = [
"byteorder",
"zerocopy-derive",
]
[[package]]
name = "zerocopy-derive"
version = "0.7.35"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "fa4f8080344d4671fb4e831a13ad1e68092748387dfc4f55e356242fae12ce3e"
dependencies = [
"proc-macro2",
"quote",
"syn",
]
[[package]]
name = "zeroize"
version = "1.8.1"
@@ -1124,3 +1069,9 @@ dependencies = [
"quote",
"syn",
]
[[package]]
name = "zlib-rs"
version = "0.5.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "868b928d7949e09af2f6086dfc1e01936064cc7a819253bce650d4e2a2d63ba8"

63
native/src/Cargo.toml
View File

@@ -1,45 +1,53 @@
[workspace]
exclude = ["external"]
members = ["base", "boot", "core", "init", "sepolicy"]
members = ["base", "boot", "core", "core/derive", "init", "sepolicy"]
resolver = "2"
[workspace.package]
version = "0.0.0"
edition = "2024"
[workspace.dependencies]
cxx = { path = "external/cxx-rs" }
cxx-gen = { path = "external/cxx-rs/gen/lib" }
libc = "0.2"
cfg-if = "1.0"
num-traits = "0.2"
num-derive = "0.4"
thiserror = "2.0"
byteorder = "1"
size = "0.4"
sha1 = "0.11.0-pre.4"
libc = "0.2.171"
cfg-if = "1.0.0"
num-traits = "0.2.19"
num-derive = "0.4.2"
thiserror = "2.0.12"
byteorder = "1.5.0"
size = "0.5.0"
bytemuck = "1.22.0"
fdt = "0.1.5"
const_format = "0.2.34"
bit-set = "0.8.0"
syn = "2.0.100"
quote = "1.0.40"
proc-macro2 = "1.0.94"
argh = { version = "0.1.13", default-features = false }
libz-rs-sys = { version = "0.5.0", features = ["export-symbols"] }
libbz2-rs-sys = { version = "0.1.3" }
pb-rs = { version = "0.10.0", default-features = false }
quick-protobuf = "0.8.1"
# Rust crypto crates are tied together
sha1 = "=0.11.0-pre.4"
sha2 = "=0.11.0-pre.4"
digest = "0.11.0-pre.9"
digest = "=0.11.0-pre.9"
p256 = "0.14.0-pre.2"
p384 = "0.14.0-pre.2"
p521 = "0.14.0-pre.2"
rsa = "0.10.0-pre.3"
rsa = "0.10.0-pre.4"
x509-cert = "0.3.0-pre.0"
der = "0.8.0-rc.1"
bytemuck = "1.16"
fdt = "0.1"
const_format = "0.2"
bit-set = "0.8"
[workspace.dependencies.argh]
git = "https://github.com/google/argh.git"
rev = "1c632b046d084e7bde86b82dfc969b30b4647c8c"
default-features = false
# Pin version to prevent cargo update breaking builds
block-buffer = "=0.11.0-rc.3"
sec1 = "=0.8.0-rc.3"
[workspace.dependencies.pb-rs]
git = "https://github.com/tafia/quick-protobuf.git"
rev = "2f37d5a65504de7d716b5b28fd82219501a901a9"
default-features = false
[workspace.dependencies.quick-protobuf]
git = "https://github.com/tafia/quick-protobuf.git"
rev = "2f37d5a65504de7d716b5b28fd82219501a901a9"
[patch.crates-io]
pb-rs = { git = "https://github.com/tafia/quick-protobuf.git" }
quick-protobuf = { git = "https://github.com/tafia/quick-protobuf.git" }
[profile.dev]
opt-level = "z"
@@ -51,3 +59,4 @@ opt-level = "z"
lto = "fat"
codegen-units = 1
panic = "abort"
strip = true

4
native/src/base/Cargo.toml
View File

@@ -1,7 +1,7 @@
[package]
name = "base"
version = "0.0.0"
edition = "2021"
version.workspace = true
edition.workspace = true
[lib]
path = "lib.rs"

6
native/src/base/build.rs
View File

@@ -1,7 +1,7 @@
use crate::gen::gen_cxx_binding;
use crate::codegen::gen_cxx_binding;
#[path = "../include/gen.rs"]
mod gen;
#[path = "../include/codegen.rs"]
mod codegen;
fn main() {
gen_cxx_binding("base-rs");

533
native/src/base/cstr.rs
View File

@@ -1,14 +1,14 @@
use cxx::{ExternType, type_id};
use libc::c_char;
use std::borrow::Borrow;
use std::cmp::min;
use std::ffi::{CStr, FromBytesWithNulError, OsStr};
use std::fmt::{Arguments, Debug, Display, Formatter, Write};
use std::ops::{Deref, DerefMut};
use std::fmt::{Debug, Display, Formatter, Write};
use std::ops::Deref;
use std::os::unix::ffi::OsStrExt;
use std::path::{Path, PathBuf};
use std::str::Utf8Error;
use std::{fmt, mem, slice, str};
use cxx::{type_id, ExternType};
use libc::c_char;
use thiserror::Error;
use crate::slice_from_ptr_mut;
@@ -18,88 +18,81 @@ use crate::slice_from_ptr_mut;
// Several Utf8CStr types:
//
// Utf8CStr: can only exist as reference, similar to &str
// Utf8CString: dynamically sized buffer allocated on the heap
// Utf8CString: dynamically sized buffer allocated on the heap, similar to String
// Utf8CStrBufRef: reference to a fixed sized buffer
// Utf8CStrBufArr<N>: fixed sized buffer allocated on the stack
//
// For easier usage, please use the helper functions in cstr::buf.
//
// In most cases, these are the types being used
//
// &Utf8CStr: whenever a printable null terminated string is needed
// &mut dyn Utf8CStrWrite: whenever we need a buffer that only needs to support appending
// strings to the end, and has to be null terminated
// &mut dyn Utf8CStrBuf: whenever we need a buffer that needs to support appending
// strings to the end, and has to be null terminated
// &mut dyn Utf8CStrBuf: whenever we need a pre-allocated buffer that is large enough to fit
// in the result, and has to be null terminated
//
// All types dereferences to &Utf8CStr.
// Utf8CString, Utf8CStrBufRef, and Utf8CStrBufArr<N> implements Utf8CStrWrite.
// Utf8CStrBufRef and Utf8CStrBufArr<N> implements Utf8CStrBuf.
// Utf8CString, Utf8CStrBufRef, and Utf8CStrBufArr<N> implements Utf8CStrBuf.
fn utf8_cstr_buf_append(buf: &mut dyn Utf8CStrBuf, s: &[u8]) -> usize {
let mut used = buf.len();
if used >= buf.capacity() - 1 {
// Truncate
return 0;
}
let dest = unsafe { &mut buf.mut_buf()[used..] };
let len = min(s.len(), dest.len() - 1);
if len > 0 {
dest[..len].copy_from_slice(&s[..len]);
}
dest[len] = b'\0';
used += len;
unsafe { buf.set_len(used) };
len
}
// Public helper functions
fn utf8_cstr_append_lossy(buf: &mut dyn Utf8CStrWrite, s: &[u8]) -> usize {
let mut len = 0_usize;
for chunk in s.utf8_chunks() {
len += buf.push_str(chunk.valid());
if !chunk.invalid().is_empty() {
len += buf.push_str(char::REPLACEMENT_CHARACTER.encode_utf8(&mut [0; 4]));
}
pub mod buf {
use super::{Utf8CStrBufArr, Utf8CStrBufRef, Utf8CString};
#[inline(always)]
pub fn dynamic(capacity: usize) -> Utf8CString {
Utf8CString::with_capacity(capacity)
}
#[inline(always)]
pub fn default() -> Utf8CStrBufArr<4096> {
Utf8CStrBufArr::default()
}
#[inline(always)]
pub fn new<const N: usize>() -> Utf8CStrBufArr<N> {
Utf8CStrBufArr::new()
}
#[inline(always)]
pub fn wrap(buf: &mut [u8]) -> Utf8CStrBufRef {
Utf8CStrBufRef::from(buf)
}
#[inline(always)]
pub unsafe fn wrap_ptr<'a>(buf: *mut u8, len: usize) -> Utf8CStrBufRef<'a> {
unsafe { Utf8CStrBufRef::from_ptr(buf, len) }
}
len
}
// Trait definitions
pub trait Utf8CStrWrite:
Write + AsRef<Utf8CStr> + AsMut<Utf8CStr> + Deref<Target = Utf8CStr> + DerefMut
{
pub trait Utf8CStrBuf: Write + AsRef<Utf8CStr> + Deref<Target = Utf8CStr> {
// The length of the string without the terminating null character.
// assert_true(len <= capacity - 1)
fn len(&self) -> usize;
// Set the length of the string
//
// It is your responsibility to:
// 1. Null terminate the string by setting the next byte after len to null
// 2. Ensure len <= capacity - 1
// 3. All bytes from 0 to len is valid UTF-8 and does not contain null
unsafe fn set_len(&mut self, len: usize);
fn push_str(&mut self, s: &str) -> usize;
// The capacity of the internal buffer. The maximum string length this buffer can contain
// is capacity - 1, because the last byte is reserved for the terminating null character.
fn capacity(&self) -> usize;
fn clear(&mut self);
fn as_mut_ptr(&mut self) -> *mut c_char;
fn truncate(&mut self, new_len: usize);
#[inline(always)]
fn is_empty(&self) -> bool {
self.len() == 0
}
fn push_str(&mut self, s: &str) -> usize;
fn push_lossy(&mut self, s: &[u8]) -> usize;
fn clear(&mut self);
}
pub trait Utf8CStrBuf: Utf8CStrWrite {
fn buf(&self) -> &[u8];
// Modifying the underlying buffer or length is unsafe because it can either:
// 1. Break null termination
// 2. Break UTF-8 validation
// 3. Introduce inner null byte in the string
unsafe fn mut_buf(&mut self) -> &mut [u8];
unsafe fn set_len(&mut self, len: usize);
#[inline(always)]
fn capacity(&self) -> usize {
self.buf().len()
}
}
trait AsUtf8CStr {
fn as_utf8_cstr(&self) -> &Utf8CStr;
fn as_utf8_cstr_mut(&mut self) -> &mut Utf8CStr;
}
// Implementation for Utf8CString
pub trait StringExt {
fn nul_terminate(&mut self) -> &mut [u8];
}
@@ -132,50 +125,70 @@ impl StringExt for PathBuf {
}
}
#[derive(Default)]
pub struct Utf8CString(String);
impl Utf8CString {
#[inline(always)]
pub fn new() -> Self {
Self::default()
impl Default for Utf8CString {
fn default() -> Self {
Utf8CString::with_capacity(256)
}
}
impl AsUtf8CStr for Utf8CString {
impl Utf8CString {
pub fn with_capacity(capacity: usize) -> Utf8CString {
Utf8CString::from(String::with_capacity(capacity))
}
pub fn ensure_capacity(&mut self, capacity: usize) {
if self.capacity() >= capacity {
return;
}
self.0.reserve(capacity - self.0.len())
}
}
impl AsRef<Utf8CStr> for Utf8CString {
#[inline(always)]
fn as_utf8_cstr(&self) -> &Utf8CStr {
fn as_ref(&self) -> &Utf8CStr {
// SAFETY: the internal string is always null terminated
unsafe { mem::transmute(slice::from_raw_parts(self.0.as_ptr(), self.0.len() + 1)) }
}
#[inline(always)]
fn as_utf8_cstr_mut(&mut self) -> &mut Utf8CStr {
Utf8CStr::from_string(&mut self.0)
}
}
impl Utf8CStrWrite for Utf8CString {
impl Utf8CStrBuf for Utf8CString {
#[inline(always)]
fn len(&self) -> usize {
self.0.len()
}
unsafe fn set_len(&mut self, len: usize) {
unsafe {
self.0.as_mut_vec().set_len(len);
}
}
fn push_str(&mut self, s: &str) -> usize {
self.0.push_str(s);
self.0.nul_terminate();
s.len()
}
#[inline(always)]
fn push_lossy(&mut self, s: &[u8]) -> usize {
utf8_cstr_append_lossy(self, s)
fn capacity(&self) -> usize {
self.0.capacity()
}
fn clear(&mut self) {
self.0.clear();
self.0.nul_terminate();
}
fn as_mut_ptr(&mut self) -> *mut c_char {
self.0.as_mut_ptr().cast()
}
fn truncate(&mut self, new_len: usize) {
self.0.truncate(new_len);
self.0.nul_terminate();
}
}
impl From<String> for Utf8CString {
@@ -185,24 +198,15 @@ impl From<String> for Utf8CString {
}
}
// Implementations for Utf8CStrBuf
impl<T: Utf8CStrBuf> AsUtf8CStr for T {
#[inline(always)]
fn as_utf8_cstr(&self) -> &Utf8CStr {
// SAFETY: the internal buffer is always UTF-8 checked
// SAFETY: self.used is guaranteed to always <= SIZE - 1
unsafe { Utf8CStr::from_bytes_unchecked(self.buf().get_unchecked(..(self.len() + 1))) }
impl From<&str> for Utf8CString {
fn from(value: &str) -> Self {
value.to_string().into()
}
}
#[inline(always)]
fn as_utf8_cstr_mut(&mut self) -> &mut Utf8CStr {
// SAFETY: the internal buffer is always UTF-8 checked
// SAFETY: self.used is guaranteed to always <= SIZE - 1
unsafe {
let len = self.len() + 1;
Utf8CStr::from_bytes_unchecked_mut(self.mut_buf().get_unchecked_mut(..len))
}
impl Borrow<Utf8CStr> for Utf8CString {
fn borrow(&self) -> &Utf8CStr {
self.deref()
}
}
@@ -214,7 +218,7 @@ pub struct Utf8CStrBufRef<'a> {
impl<'a> Utf8CStrBufRef<'a> {
pub unsafe fn from_ptr(buf: *mut u8, len: usize) -> Utf8CStrBufRef<'a> {
Self::from(slice_from_ptr_mut(buf, len))
unsafe { Self::from(slice_from_ptr_mut(buf, len)) }
}
}
@@ -225,23 +229,6 @@ impl<'a> From<&'a mut [u8]> for Utf8CStrBufRef<'a> {
}
}
impl Utf8CStrBuf for Utf8CStrBufRef<'_> {
#[inline(always)]
fn buf(&self) -> &[u8] {
self.buf
}
#[inline(always)]
unsafe fn mut_buf(&mut self) -> &mut [u8] {
self.buf
}
#[inline(always)]
unsafe fn set_len(&mut self, len: usize) {
self.used = len;
}
}
// UTF-8 validated + null terminated buffer on the stack
pub struct Utf8CStrBufArr<const N: usize> {
used: usize,
@@ -257,28 +244,6 @@ impl<const N: usize> Utf8CStrBufArr<N> {
}
}
impl<const N: usize> Utf8CStrBuf for Utf8CStrBufArr<N> {
#[inline(always)]
fn buf(&self) -> &[u8] {
&self.buf
}
#[inline(always)]
unsafe fn mut_buf(&mut self) -> &mut [u8] {
&mut self.buf
}
#[inline(always)]
unsafe fn set_len(&mut self, len: usize) {
self.used = len;
}
#[inline(always)]
fn capacity(&self) -> usize {
N
}
}
impl Default for Utf8CStrBufArr<4096> {
fn default() -> Self {
Utf8CStrBufArr::<4096>::new()
@@ -310,27 +275,15 @@ impl Utf8CStr {
Self::from_cstr(CStr::from_bytes_with_nul(buf)?)
}
pub fn from_bytes_mut(buf: &mut [u8]) -> Result<&mut Utf8CStr, StrErr> {
CStr::from_bytes_with_nul(buf)?;
str::from_utf8(buf)?;
// Both condition checked
unsafe { Ok(mem::transmute::<&mut [u8], &mut Utf8CStr>(buf)) }
}
pub fn from_string(s: &mut String) -> &mut Utf8CStr {
pub fn from_string(s: &mut String) -> &Utf8CStr {
let buf = s.nul_terminate();
// SAFETY: the null byte is explicitly added to the buffer
unsafe { mem::transmute(buf) }
}
#[inline(always)]
pub unsafe fn from_bytes_unchecked(buf: &[u8]) -> &Utf8CStr {
mem::transmute(buf)
}
#[inline(always)]
pub unsafe fn from_bytes_unchecked_mut(buf: &mut [u8]) -> &mut Utf8CStr {
mem::transmute(buf)
pub const unsafe fn from_bytes_unchecked(buf: &[u8]) -> &Utf8CStr {
unsafe { mem::transmute(buf) }
}
pub unsafe fn from_ptr<'a>(ptr: *const c_char) -> Result<&'a Utf8CStr, StrErr> {
@@ -341,8 +294,10 @@ impl Utf8CStr {
}
pub unsafe fn from_ptr_unchecked<'a>(ptr: *const c_char) -> &'a Utf8CStr {
let cstr = CStr::from_ptr(ptr);
Self::from_bytes_unchecked(cstr.to_bytes_with_nul())
unsafe {
let cstr = CStr::from_ptr(ptr);
Self::from_bytes_unchecked(cstr.to_bytes_with_nul())
}
}
#[inline(always)]
@@ -355,11 +310,6 @@ impl Utf8CStr {
self.0.as_ptr().cast()
}
#[inline(always)]
pub fn as_mut_ptr(&mut self) -> *mut c_char {
self.0.as_mut_ptr().cast()
}
#[inline(always)]
pub fn as_cstr(&self) -> &CStr {
// SAFETY: Already validated as null terminated during construction
@@ -372,13 +322,6 @@ impl Utf8CStr {
// SAFETY: The length of the slice is at least 1 due to null termination check
unsafe { str::from_utf8_unchecked(self.0.get_unchecked(..self.0.len() - 1)) }
}
#[inline(always)]
pub fn as_str_mut(&mut self) -> &mut str {
// SAFETY: Already UTF-8 validated during construction
// SAFETY: The length of the slice is at least 1 due to null termination check
unsafe { str::from_utf8_unchecked_mut(self.0.get_unchecked_mut(..self.0.len() - 1)) }
}
}
impl Deref for Utf8CStr {
@@ -390,10 +333,19 @@ impl Deref for Utf8CStr {
}
}
impl DerefMut for Utf8CStr {
#[inline(always)]
fn deref_mut(&mut self) -> &mut Self::Target {
self.as_str_mut()
impl ToOwned for Utf8CStr {
type Owned = Utf8CString;
fn to_owned(&self) -> Utf8CString {
let mut s = Utf8CString::with_capacity(self.len() + 1);
s.push_str(self.as_str());
s
}
}
impl AsRef<Utf8CStr> for Utf8CStr {
fn as_ref(&self) -> &Utf8CStr {
self
}
}
@@ -416,90 +368,39 @@ const_assert_eq!(align_of::<&Utf8CStr>(), align_of::<[usize; 2]>());
// File system path extensions types
#[repr(transparent)]
pub struct FsPath(Utf8CStr);
pub struct FsPathFollow(Utf8CStr);
impl FsPath {
impl AsRef<Utf8CStr> for FsPathFollow {
#[inline(always)]
pub fn from<T: AsRef<Utf8CStr> + ?Sized>(value: &T) -> &FsPath {
unsafe { mem::transmute(value.as_ref()) }
}
#[inline(always)]
pub fn from_mut<T: AsMut<Utf8CStr> + ?Sized>(value: &mut T) -> &mut FsPath {
unsafe { mem::transmute(value.as_mut()) }
}
}
impl Deref for FsPath {
type Target = Utf8CStr;
#[inline(always)]
fn deref(&self) -> &Utf8CStr {
fn as_ref(&self) -> &Utf8CStr {
&self.0
}
}
impl DerefMut for FsPath {
#[inline(always)]
fn deref_mut(&mut self) -> &mut Utf8CStr {
&mut self.0
}
}
pub struct FsPathBuf<'a>(&'a mut dyn Utf8CStrWrite);
impl<'a> FsPathBuf<'a> {
pub fn new(value: &'a mut dyn Utf8CStrWrite) -> Self {
value.clear();
FsPathBuf(value)
}
pub fn join<T: AsRef<str>>(self, path: T) -> Self {
fn inner(buf: &mut dyn Utf8CStrWrite, path: &str) {
if path.starts_with('/') {
buf.clear();
} else {
buf.push_str("/");
}
buf.push_str(path);
}
inner(self.0, path.as_ref());
self
}
pub fn join_fmt<T: Display>(self, name: T) -> Self {
fn inner(buf: &mut dyn Utf8CStrWrite, path: Arguments) {
buf.write_fmt(path).ok();
}
inner(self.0, format_args!("/{}", name));
self
}
}
impl Deref for FsPathBuf<'_> {
type Target = FsPath;
fn deref(&self) -> &FsPath {
FsPath::from(&self.0)
}
}
impl DerefMut for FsPathBuf<'_> {
fn deref_mut(&mut self) -> &mut Self::Target {
FsPath::from_mut(&mut self.0)
}
}
// Boilerplate trait implementations
macro_rules! impl_str {
// impl<T: AsRef<Utf8CStr>> Deref<Target = Utf8CStr> for T { ... }
macro_rules! impl_cstr_deref {
($( ($t:ty, $($g:tt)*) )*) => {$(
impl<$($g)*> AsRef<Utf8CStr> for $t {
impl<$($g)*> Deref for $t {
type Target = Utf8CStr;
#[inline(always)]
fn as_ref(&self) -> &Utf8CStr {
self
fn deref(&self) -> &Utf8CStr {
self.as_ref()
}
}
)*}
}
impl_cstr_deref!(
(Utf8CStrBufRef<'_>,)
(Utf8CStrBufArr<N>, const N: usize)
(Utf8CString,)
(FsPathFollow,)
);
// impl<T: Deref<Target = Utf8CStr>> BoilerPlate for T { ... }
macro_rules! impl_cstr_misc {
($( ($t:ty, $($g:tt)*) )*) => {$(
impl<$($g)*> AsRef<str> for $t {
#[inline(always)]
fn as_ref(&self) -> &str {
@@ -560,7 +461,7 @@ macro_rules! impl_str {
self == other.as_cstr()
}
}
impl<T: AsRef<Utf8CStr>, $($g)*> PartialEq<T> for $t {
impl<T: AsRef<Utf8CStr> + ?Sized, $($g)*> PartialEq<T> for $t {
#[inline(always)]
fn eq(&self, other: &T) -> bool {
self.as_bytes_with_nul() == other.as_ref().as_bytes_with_nul()
@@ -569,16 +470,87 @@ macro_rules! impl_str {
)*}
}
impl_str!(
impl_cstr_misc!(
(Utf8CStr,)
(FsPath,)
(FsPathBuf<'_>,)
(Utf8CStrBufRef<'_>,)
(Utf8CStrBufArr<N>, const N: usize)
(Utf8CString,)
(FsPathFollow,)
);
macro_rules! impl_str_write {
fn copy_cstr_truncate(dest: &mut [u8], src: &[u8]) -> usize {
if dest.len() <= 1 {
// Truncate
return 0;
}
let len = min(src.len(), dest.len() - 1);
if len > 0 {
dest[..len].copy_from_slice(&src[..len]);
}
dest[len] = b'\0';
len
}
// impl<T> AsRef<Utf8CStr> for T { ... }
// impl<T> Utf8CStrBuf for T { ... }
macro_rules! impl_cstr_buf {
($( ($t:ty, $($g:tt)*) )*) => {$(
impl<$($g)*> AsRef<Utf8CStr> for $t {
#[inline(always)]
fn as_ref(&self) -> &Utf8CStr {
// SAFETY: the internal buffer is always UTF-8 checked
// SAFETY: self.used is guaranteed to always <= SIZE - 1
unsafe { Utf8CStr::from_bytes_unchecked(self.buf.get_unchecked(..(self.used + 1))) }
}
}
impl<$($g)*> Utf8CStrBuf for $t {
#[inline(always)]
fn len(&self) -> usize {
self.used
}
#[inline(always)]
unsafe fn set_len(&mut self, len: usize) {
self.used = len;
}
#[inline(always)]
fn push_str(&mut self, s: &str) -> usize {
// SAFETY: self.used is guaranteed to always <= SIZE - 1
let dest = unsafe { self.buf.get_unchecked_mut(self.used..) };
let len = copy_cstr_truncate(dest, s.as_bytes());
self.used += len;
len
}
#[inline(always)]
fn capacity(&self) -> usize {
self.buf.len()
}
#[inline(always)]
fn clear(&mut self) {
self.buf[0] = b'\0';
self.used = 0;
}
#[inline(always)]
fn as_mut_ptr(&mut self) -> *mut c_char {
self.buf.as_mut_ptr().cast()
}
fn truncate(&mut self, new_len: usize) {
if self.used <= new_len {
return;
}
self.buf[new_len] = b'\0';
self.used = new_len;
}
}
)*}
}
impl_cstr_buf!(
(Utf8CStrBufRef<'_>,)
(Utf8CStrBufArr<N>, const N: usize)
);
// impl<T: Utf8CStrBuf> Write for T { ... }
macro_rules! impl_cstr_buf_write {
($( ($t:ty, $($g:tt)*) )*) => {$(
impl<$($g)*> Write for $t {
#[inline(always)]
@@ -587,84 +559,27 @@ macro_rules! impl_str_write {
Ok(())
}
}
impl<$($g)*> Deref for $t {
type Target = Utf8CStr;
#[inline(always)]
fn deref(&self) -> &Utf8CStr {
self.as_utf8_cstr()
}
}
impl<$($g)*> DerefMut for $t {
#[inline(always)]
fn deref_mut(&mut self) -> &mut Utf8CStr {
self.as_utf8_cstr_mut()
}
}
impl<$($g)*> AsMut<Utf8CStr> for $t {
#[inline(always)]
fn as_mut(&mut self) -> &mut Utf8CStr {
self.as_utf8_cstr_mut()
}
}
)*}
}
impl_str_write!(
impl_cstr_buf_write!(
(Utf8CStrBufRef<'_>,)
(Utf8CStrBufArr<N>, const N: usize)
(Utf8CString,)
);
macro_rules! impl_str_buf {
($( ($t:ty, $($g:tt)*) )*) => {$(
impl<$($g)*> Utf8CStrWrite for $t {
#[inline(always)]
fn len(&self) -> usize {
self.used
}
#[inline(always)]
fn push_str(&mut self, s: &str) -> usize {
utf8_cstr_buf_append(self, s.as_bytes())
}
#[inline(always)]
fn push_lossy(&mut self, s: &[u8]) -> usize {
utf8_cstr_append_lossy(self, s)
}
#[inline(always)]
fn clear(&mut self) {
self.buf[0] = b'\0';
self.used = 0;
}
}
)*}
}
impl_str_buf!(
(Utf8CStrBufRef<'_>,)
(Utf8CStrBufArr<N>, const N: usize)
);
// The cstr! macro is copied from https://github.com/bytecodealliance/rustix/blob/main/src/cstr.rs
#[macro_export]
macro_rules! cstr {
($($str:tt)*) => {{
assert!(
!($($str)*).bytes().any(|b| b == b'\0'),
"cstr argument contains embedded NUL bytes",
);
($str:expr) => {{
const NULL_STR: &str = $crate::const_format::concatcp!($str, "\0");
#[allow(unused_unsafe)]
unsafe {
$crate::Utf8CStr::from_bytes_unchecked($crate::const_format::concatcp!($($str)*, "\0")
.as_bytes())
$crate::Utf8CStr::from_bytes_unchecked(NULL_STR.as_bytes())
}
}};
}
#[macro_export]
macro_rules! raw_cstr {
($($str:tt)*) => {{
$crate::cstr!($($str)*).as_ptr()
}};
($str:expr) => {{ $crate::cstr!($str).as_ptr() }};
}

174
native/src/base/cxx_extern.rs
View File

@@ -1,6 +1,5 @@
// Functions in this file are only for exporting to C++, DO NOT USE IN RUST
use std::io;
use std::os::fd::{BorrowedFd, OwnedFd, RawFd};
use cfg_if::cfg_if;
@@ -9,49 +8,55 @@ use libc::{c_char, mode_t};
use crate::files::map_file_at;
pub(crate) use crate::xwrap::*;
use crate::{
clone_attr, cstr, fclone_attr, fd_path, map_fd, map_file, slice_from_ptr, CxxResultExt,
Directory, FsPath, Utf8CStr, Utf8CStrBufRef,
CxxResultExt, Directory, OsResultStatic, Utf8CStr, clone_attr, cstr, fclone_attr, fd_path,
map_fd, map_file, slice_from_ptr,
};
pub(crate) fn fd_path_for_cxx(fd: RawFd, buf: &mut [u8]) -> isize {
let mut buf = Utf8CStrBufRef::from(buf);
let mut buf = cstr::buf::wrap(buf);
fd_path(fd, &mut buf)
.log_cxx_with_msg(|w| w.write_str("fd_path failed"))
.log_cxx()
.map_or(-1_isize, |_| buf.len() as isize)
}
#[no_mangle]
#[unsafe(no_mangle)]
unsafe extern "C" fn canonical_path(path: *const c_char, buf: *mut u8, bufsz: usize) -> isize {
match Utf8CStr::from_ptr(path) {
Ok(p) => {
let mut buf = Utf8CStrBufRef::from_ptr(buf, bufsz);
FsPath::from(p)
.realpath(&mut buf)
.map_or(-1, |_| buf.len() as isize)
unsafe {
match Utf8CStr::from_ptr(path) {
Ok(path) => {
let mut buf = cstr::buf::wrap_ptr(buf, bufsz);
path.realpath(&mut buf)
.log_cxx()
.map_or(-1_isize, |_| buf.len() as isize)
}
Err(_) => -1,
}
Err(_) => -1,
}
}
#[export_name = "mkdirs"]
#[unsafe(export_name = "mkdirs")]
unsafe extern "C" fn mkdirs_for_cxx(path: *const c_char, mode: mode_t) -> i32 {
match Utf8CStr::from_ptr(path) {
Ok(p) => FsPath::from(p).mkdirs(mode).map_or(-1, |_| 0),
Err(_) => -1,
unsafe {
match Utf8CStr::from_ptr(path) {
Ok(path) => path.mkdirs(mode).map_or(-1, |_| 0),
Err(_) => -1,
}
}
}
#[export_name = "rm_rf"]
#[unsafe(export_name = "rm_rf")]
unsafe extern "C" fn rm_rf_for_cxx(path: *const c_char) -> bool {
match Utf8CStr::from_ptr(path) {
Ok(p) => FsPath::from(p).remove_all().is_ok(),
Err(_) => false,
unsafe {
match Utf8CStr::from_ptr(path) {
Ok(path) => path.remove_all().is_ok(),
Err(_) => false,
}
}
}
#[no_mangle]
#[unsafe(no_mangle)]
unsafe extern "C" fn frm_rf(fd: OwnedFd) -> bool {
fn inner(fd: OwnedFd) -> io::Result<()> {
fn inner(fd: OwnedFd) -> OsResultStatic<()> {
Directory::try_from(fd)?.remove_all()
}
inner(fd).is_ok()
@@ -77,116 +82,99 @@ pub(crate) fn map_fd_for_cxx(fd: RawFd, sz: usize, rw: bool) -> &'static mut [u8
}
}
pub(crate) unsafe fn readlinkat_for_cxx(
pub(crate) unsafe fn readlinkat(
dirfd: RawFd,
path: *const c_char,
buf: *mut u8,
bufsz: usize,
) -> isize {
// readlinkat() may fail on x86 platform, returning random value
// instead of number of bytes placed in buf (length of link)
cfg_if! {
if #[cfg(any(target_arch = "x86", target_arch = "x86_64"))] {
libc::memset(buf.cast(), 0, bufsz);
let mut r = libc::readlinkat(dirfd, path, buf.cast(), bufsz - 1);
if r > 0 {
r = libc::strlen(buf.cast()) as isize;
}
} else {
let r = libc::readlinkat(dirfd, path, buf.cast(), bufsz - 1);
if r >= 0 {
*buf.offset(r) = b'\0';
unsafe {
// readlinkat() may fail on x86 platform, returning random value
// instead of number of bytes placed in buf (length of link)
cfg_if! {
if #[cfg(any(target_arch = "x86", target_arch = "x86_64"))] {
libc::memset(buf.cast(), 0, bufsz);
let mut r = libc::readlinkat(dirfd, path, buf.cast(), bufsz - 1);
if r > 0 {
r = libc::strlen(buf.cast()) as isize;
}
} else {
let r = libc::readlinkat(dirfd, path, buf.cast(), bufsz - 1);
if r >= 0 {
*buf.offset(r) = b'\0';
}
}
}
r
}
r
}
#[export_name = "cp_afc"]
#[unsafe(export_name = "cp_afc")]
unsafe extern "C" fn cp_afc_for_cxx(src: *const c_char, dest: *const c_char) -> bool {
if let Ok(src) = Utf8CStr::from_ptr(src) {
if let Ok(dest) = Utf8CStr::from_ptr(dest) {
let src = FsPath::from(src);
let dest = FsPath::from(dest);
return src
.copy_to(dest)
.log_cxx_with_msg(|w| {
w.write_fmt(format_args!("cp_afc {} -> {} failed", src, dest))
})
.is_ok();
unsafe {
if let Ok(src) = Utf8CStr::from_ptr(src) {
if let Ok(dest) = Utf8CStr::from_ptr(dest) {
return src.copy_to(dest).log_cxx().is_ok();
}
}
false
}
false
}
#[export_name = "mv_path"]
#[unsafe(export_name = "mv_path")]
unsafe extern "C" fn mv_path_for_cxx(src: *const c_char, dest: *const c_char) -> bool {
if let Ok(src) = Utf8CStr::from_ptr(src) {
if let Ok(dest) = Utf8CStr::from_ptr(dest) {
let src = FsPath::from(src);
let dest = FsPath::from(dest);
return src
.move_to(dest)
.log_cxx_with_msg(|w| {
w.write_fmt(format_args!("mv_path {} -> {} failed", src, dest))
})
.is_ok();
unsafe {
if let Ok(src) = Utf8CStr::from_ptr(src) {
if let Ok(dest) = Utf8CStr::from_ptr(dest) {
return src.move_to(dest).log_cxx().is_ok();
}
}
false
}
false
}
#[export_name = "link_path"]
#[unsafe(export_name = "link_path")]
unsafe extern "C" fn link_path_for_cxx(src: *const c_char, dest: *const c_char) -> bool {
if let Ok(src) = Utf8CStr::from_ptr(src) {
if let Ok(dest) = Utf8CStr::from_ptr(dest) {
let src = FsPath::from(src);
let dest = FsPath::from(dest);
return src
.link_to(dest)
.log_cxx_with_msg(|w| {
w.write_fmt(format_args!("link_path {} -> {} failed", src, dest))
})
.is_ok();
unsafe {
if let Ok(src) = Utf8CStr::from_ptr(src) {
if let Ok(dest) = Utf8CStr::from_ptr(dest) {
return src.link_to(dest).log_cxx().is_ok();
}
}
false
}
false
}
#[export_name = "clone_attr"]
#[unsafe(export_name = "clone_attr")]
unsafe extern "C" fn clone_attr_for_cxx(src: *const c_char, dest: *const c_char) -> bool {
if let Ok(src) = Utf8CStr::from_ptr(src) {
if let Ok(dest) = Utf8CStr::from_ptr(dest) {
let src = FsPath::from(src);
let dest = FsPath::from(dest);
return clone_attr(src, dest)
.log_cxx_with_msg(|w| {
w.write_fmt(format_args!("clone_attr {} -> {} failed", src, dest))
})
.is_ok();
unsafe {
if let Ok(src) = Utf8CStr::from_ptr(src) {
if let Ok(dest) = Utf8CStr::from_ptr(dest) {
return clone_attr(src, dest).log_cxx().is_ok();
}
}
false
}
false
}
#[export_name = "fclone_attr"]
#[unsafe(export_name = "fclone_attr")]
unsafe extern "C" fn fclone_attr_for_cxx(a: RawFd, b: RawFd) -> bool {
fclone_attr(a, b)
.log_cxx_with_msg(|w| w.write_str("fclone_attr failed"))
.is_ok()
fclone_attr(a, b).log_cxx().is_ok()
}
#[export_name = "cxx$utf8str$new"]
#[unsafe(export_name = "cxx$utf8str$new")]
unsafe extern "C" fn str_new(this: &mut &Utf8CStr, s: *const u8, len: usize) {
*this = Utf8CStr::from_bytes(slice_from_ptr(s, len)).unwrap_or(cstr!(""));
unsafe {
*this = Utf8CStr::from_bytes(slice_from_ptr(s, len)).unwrap_or(cstr!(""));
}
}
#[export_name = "cxx$utf8str$ptr"]
#[unsafe(export_name = "cxx$utf8str$ptr")]
unsafe extern "C" fn str_ptr(this: &&Utf8CStr) -> *const u8 {
this.as_ptr().cast()
}
#[export_name = "cxx$utf8str$len"]
#[unsafe(export_name = "cxx$utf8str$len")]
unsafe extern "C" fn str_len(this: &&Utf8CStr) -> usize {
this.len()
}

495
native/src/base/dir.rs Normal file
View File

@@ -0,0 +1,495 @@
use crate::cxx_extern::readlinkat;
use crate::{
FsPathBuilder, LibcReturn, OsError, OsResult, OsResultStatic, Utf8CStr, Utf8CStrBuf, cstr,
errno, fd_path, fd_set_attr,
};
use libc::{EEXIST, O_CLOEXEC, O_CREAT, O_RDONLY, O_TRUNC, O_WRONLY, dirent, mode_t};
use std::fs::File;
use std::marker::PhantomData;
use std::ops::{Deref, DerefMut};
use std::os::fd::{AsFd, AsRawFd, BorrowedFd, FromRawFd, IntoRawFd, OwnedFd, RawFd};
use std::ptr::NonNull;
use std::{mem, slice};
pub struct DirEntry<'a> {
dir: BorrowedDirectory<'a>,
entry: NonNull<dirent>,
d_name_len: usize,
}
impl DirEntry<'_> {
pub fn as_ptr(&self) -> *mut dirent {
self.entry.as_ptr()
}
pub fn name(&self) -> &Utf8CStr {
unsafe {
Utf8CStr::from_bytes_unchecked(slice::from_raw_parts(
self.d_name.as_ptr().cast(),
self.d_name_len,
))
}
}
pub fn resolve_path(&self, buf: &mut dyn Utf8CStrBuf) -> OsResult<'static, ()> {
self.dir.path_at(self.name(), buf)
}
pub fn is_dir(&self) -> bool {
self.d_type == libc::DT_DIR
}
pub fn is_file(&self) -> bool {
self.d_type == libc::DT_REG
}
pub fn is_symlink(&self) -> bool {
self.d_type == libc::DT_LNK
}
pub fn is_block_device(&self) -> bool {
self.d_type == libc::DT_BLK
}
pub fn is_char_device(&self) -> bool {
self.d_type == libc::DT_CHR
}
pub fn is_fifo(&self) -> bool {
self.d_type == libc::DT_FIFO
}
pub fn is_socket(&self) -> bool {
self.d_type == libc::DT_SOCK
}
pub fn unlink(&self) -> OsResult<()> {
let flag = if self.is_dir() { libc::AT_REMOVEDIR } else { 0 };
self.dir.unlink_at(self.name(), flag)
}
pub fn read_link(&self, buf: &mut dyn Utf8CStrBuf) -> OsResult<()> {
self.dir.read_link_at(self.name(), buf)
}
pub fn open_as_dir(&self) -> OsResult<Directory> {
if !self.is_dir() {
return Err(OsError::with_os_error(
libc::ENOTDIR,
"fdopendir",
Some(self.name()),
None,
));
}
self.dir.open_as_dir_at(self.name())
}
pub fn open_as_file(&self, flags: i32) -> OsResult<File> {
if self.is_dir() {
return Err(OsError::with_os_error(
libc::EISDIR,
"open_as_file",
Some(self.name()),
None,
));
}
self.dir.open_as_file_at(self.name(), flags, 0)
}
}
impl Deref for DirEntry<'_> {
type Target = dirent;
fn deref(&self) -> &dirent {
unsafe { self.entry.as_ref() }
}
}
#[repr(transparent)]
pub struct Directory {
inner: NonNull<libc::DIR>,
}
#[repr(transparent)]
pub struct BorrowedDirectory<'a> {
inner: NonNull<libc::DIR>,
phantom: PhantomData<&'a Directory>,
}
impl Deref for BorrowedDirectory<'_> {
type Target = Directory;
fn deref(&self) -> &Directory {
// SAFETY: layout of NonNull<libc::DIR> is the same as Directory
// SAFETY: the lifetime of the raw pointer is tracked in the PhantomData
unsafe { mem::transmute(&self.inner) }
}
}
impl DerefMut for BorrowedDirectory<'_> {
fn deref_mut(&mut self) -> &mut Directory {
// SAFETY: layout of NonNull<libc::DIR> is the same as Directory
// SAFETY: the lifetime of the raw pointer is tracked in the PhantomData
unsafe { mem::transmute(&mut self.inner) }
}
}
pub enum WalkResult {
Continue,
Abort,
Skip,
}
impl Directory {
fn borrow(&self) -> BorrowedDirectory {
BorrowedDirectory {
inner: self.inner,
phantom: PhantomData,
}
}
fn openat<'a>(&self, name: &'a Utf8CStr, flags: i32, mode: u32) -> OsResult<'a, OwnedFd> {
unsafe {
libc::openat(self.as_raw_fd(), name.as_ptr(), flags | O_CLOEXEC, mode)
.as_os_result("openat", Some(name), None)
.map(|fd| OwnedFd::from_raw_fd(fd))
}
}
fn path_at(&self, name: &Utf8CStr, buf: &mut dyn Utf8CStrBuf) -> OsResult<'static, ()> {
self.resolve_path(buf)?;
buf.append_path(name);
Ok(())
}
}
impl Directory {
pub fn open(path: &Utf8CStr) -> OsResult<Directory> {
let dirp = unsafe { libc::opendir(path.as_ptr()) };
let dirp = dirp.as_os_result("opendir", Some(path), None)?;
Ok(Directory { inner: dirp })
}
pub fn read(&mut self) -> OsResult<'static, Option<DirEntry>> {
*errno() = 0;
let e = unsafe { libc::readdir(self.inner.as_ptr()) };
if e.is_null() {
return if *errno() != 0 {
Err(OsError::last_os_error("readdir", None, None))
} else {
Ok(None)
};
}
// Skip non UTF-8 entries, ".", and ".."
unsafe {
let entry = &*e;
let Ok(name) = Utf8CStr::from_ptr(entry.d_name.as_ptr()) else {
return self.read();
};
if name == "." || name == ".." {
self.read()
} else {
let e = DirEntry {
dir: self.borrow(),
entry: NonNull::from(entry),
d_name_len: name.as_bytes_with_nul().len(),
};
Ok(Some(e))
}
}
}
pub fn rewind(&mut self) {
unsafe { libc::rewinddir(self.inner.as_ptr()) };
}
pub fn open_as_dir_at<'a>(&self, name: &'a Utf8CStr) -> OsResult<'a, Directory> {
let fd = self.openat(name, O_RDONLY, 0)?;
Directory::try_from(fd).map_err(|e| e.set_args(Some(name), None))
}
pub fn open_as_file_at<'a>(
&self,
name: &'a Utf8CStr,
flags: i32,
mode: u32,
) -> OsResult<'a, File> {
let fd = self.openat(name, flags, mode)?;
Ok(File::from(fd))
}
pub fn read_link_at<'a>(
&self,
name: &'a Utf8CStr,
buf: &mut dyn Utf8CStrBuf,
) -> OsResult<'a, ()> {
buf.clear();
unsafe {
let r = readlinkat(
self.as_raw_fd(),
name.as_ptr(),
buf.as_mut_ptr().cast(),
buf.capacity(),
)
.as_os_result("readlinkat", Some(name), None)? as usize;
buf.set_len(r);
}
Ok(())
}
pub fn mkdir_at<'a>(&self, name: &'a Utf8CStr, mode: mode_t) -> OsResult<'a, ()> {
unsafe {
if libc::mkdirat(self.as_raw_fd(), name.as_ptr(), mode as mode_t) < 0
&& *errno() != EEXIST
{
return Err(OsError::last_os_error("mkdirat", Some(name), None));
}
}
Ok(())
}
// ln -s target self/name
pub fn create_symlink_at<'a>(
&self,
name: &'a Utf8CStr,
target: &'a Utf8CStr,
) -> OsResult<'a, ()> {
unsafe {
libc::symlinkat(target.as_ptr(), self.as_raw_fd(), name.as_ptr()).check_os_err(
"symlinkat",
Some(target),
Some(name),
)
}
}
pub fn unlink_at<'a>(&self, name: &'a Utf8CStr, flag: i32) -> OsResult<'a, ()> {
unsafe {
libc::unlinkat(self.as_raw_fd(), name.as_ptr(), flag).check_os_err(
"unlinkat",
Some(name),
None,
)?;
}
Ok(())
}
pub fn contains_path(&self, path: &Utf8CStr) -> bool {
// WARNING: Using faccessat is incorrect, because the raw linux kernel syscall
// does not support the flag AT_SYMLINK_NOFOLLOW until 5.8 with faccessat2.
// Use fstatat to check the existence of a file instead.
unsafe {
let mut st: libc::stat = mem::zeroed();
libc::fstatat(
self.as_raw_fd(),
path.as_ptr(),
&mut st,
libc::AT_SYMLINK_NOFOLLOW,
) == 0
}
}
pub fn resolve_path(&self, buf: &mut dyn Utf8CStrBuf) -> OsResult<'static, ()> {
fd_path(self.as_raw_fd(), buf)
}
pub fn post_order_walk<F: FnMut(&DirEntry) -> OsResultStatic<WalkResult>>(
&mut self,
mut f: F,
) -> OsResultStatic<WalkResult> {
self.post_order_walk_impl(&mut f)
}
pub fn pre_order_walk<F: FnMut(&DirEntry) -> OsResultStatic<WalkResult>>(
&mut self,
mut f: F,
) -> OsResultStatic<WalkResult> {
self.pre_order_walk_impl(&mut f)
}
pub fn remove_all(&mut self) -> OsResultStatic<()> {
self.post_order_walk(|e| {
e.unlink()?;
Ok(WalkResult::Continue)
})?;
Ok(())
}
pub fn copy_into(&mut self, dir: &Directory) -> OsResultStatic<()> {
let mut buf = cstr::buf::default();
self.copy_into_impl(dir, &mut buf)
}
pub fn move_into(&mut self, dir: &Directory) -> OsResultStatic<()> {
let dir_fd = self.as_raw_fd();
while let Some(ref e) = self.read()? {
if e.is_dir() && dir.contains_path(e.name()) {
// Destination folder exists, needs recursive move
let mut src = e.open_as_dir()?;
let dest = dir.open_as_dir_at(e.name())?;
src.move_into(&dest)?;
return Ok(e.unlink()?);
}
unsafe {
libc::renameat(
dir_fd,
e.d_name.as_ptr(),
dir.as_raw_fd(),
e.d_name.as_ptr(),
)
.check_os_err("renameat", Some(e.name()), None)?;
}
}
Ok(())
}
pub fn link_into(&mut self, dir: &Directory) -> OsResultStatic<()> {
let mut buf = cstr::buf::default();
self.link_into_impl(dir, &mut buf)
}
}
impl Directory {
fn post_order_walk_impl<F: FnMut(&DirEntry) -> OsResultStatic<WalkResult>>(
&mut self,
f: &mut F,
) -> OsResultStatic<WalkResult> {
use WalkResult::*;
loop {
match self.read()? {
None => return Ok(Continue),
Some(ref e) => {
if e.is_dir() {
let mut dir = e.open_as_dir()?;
if let Abort = dir.post_order_walk_impl(f)? {
return Ok(Abort);
}
}
match f(e)? {
Abort => return Ok(Abort),
Skip => return Ok(Continue),
Continue => {}
}
}
}
}
}
fn pre_order_walk_impl<F: FnMut(&DirEntry) -> OsResultStatic<WalkResult>>(
&mut self,
f: &mut F,
) -> OsResultStatic<WalkResult> {
use WalkResult::*;
loop {
match self.read()? {
None => return Ok(Continue),
Some(ref e) => match f(e)? {
Abort => return Ok(Abort),
Skip => continue,
Continue => {
if e.is_dir() {
let mut dir = e.open_as_dir()?;
if let Abort = dir.pre_order_walk_impl(f)? {
return Ok(Abort);
}
}
}
},
}
}
}
fn copy_into_impl(
&mut self,
dest_dir: &Directory,
buf: &mut dyn Utf8CStrBuf,
) -> OsResultStatic<()> {
while let Some(ref e) = self.read()? {
e.resolve_path(buf)?;
let attr = buf.get_attr()?;
if e.is_dir() {
dest_dir.mkdir_at(e.name(), 0o777)?;
let mut src = e.open_as_dir()?;
let dest = dest_dir.open_as_dir_at(e.name())?;
src.copy_into_impl(&dest, buf)?;
fd_set_attr(dest.as_raw_fd(), &attr)?;
} else if e.is_file() {
let mut src = e.open_as_file(O_RDONLY)?;
let mut dest =
dest_dir.open_as_file_at(e.name(), O_WRONLY | O_CREAT | O_TRUNC, 0o777)?;
std::io::copy(&mut src, &mut dest)?;
fd_set_attr(dest.as_raw_fd(), &attr)?;
} else if e.is_symlink() {
e.read_link(buf)?;
dest_dir.create_symlink_at(e.name(), buf)?;
dest_dir.path_at(e.name(), buf)?;
buf.set_attr(&attr)?;
}
}
Ok(())
}
fn link_into_impl(
&mut self,
dest_dir: &Directory,
buf: &mut dyn Utf8CStrBuf,
) -> OsResultStatic<()> {
let dir_fd = self.as_raw_fd();
while let Some(ref e) = self.read()? {
if e.is_dir() {
dest_dir.mkdir_at(e.name(), 0o777)?;
e.resolve_path(buf)?;
let attr = buf.get_attr()?;
let mut src = e.open_as_dir()?;
let dest = dest_dir.open_as_dir_at(e.name())?;
src.link_into_impl(&dest, buf)?;
fd_set_attr(dest.as_raw_fd(), &attr)?;
} else {
unsafe {
libc::linkat(
dir_fd,
e.d_name.as_ptr(),
dest_dir.as_raw_fd(),
e.d_name.as_ptr(),
0,
)
.check_os_err("linkat", Some(e.name()), None)?;
}
}
}
Ok(())
}
}
impl TryFrom<OwnedFd> for Directory {
type Error = OsError<'static>;
fn try_from(fd: OwnedFd) -> OsResult<'static, Self> {
let dirp = unsafe { libc::fdopendir(fd.into_raw_fd()) };
let dirp = dirp.as_os_result("fdopendir", None, None)?;
Ok(Directory { inner: dirp })
}
}
impl AsRawFd for Directory {
fn as_raw_fd(&self) -> RawFd {
unsafe { libc::dirfd(self.inner.as_ptr()) }
}
}
impl AsFd for Directory {
fn as_fd(&self) -> BorrowedFd {
unsafe { BorrowedFd::borrow_raw(self.as_raw_fd()) }
}
}
impl Drop for Directory {
fn drop(&mut self) {
unsafe {
libc::closedir(self.inner.as_ptr());
}
}
}

948
native/src/base/files.rs
View File

File diff suppressed because it is too large Load Diff

3
native/src/base/include/base.hpp
View File

@@ -7,4 +7,5 @@
#include "../base-rs.hpp"
using rust::xpipe2;
using rust::fd_path;
using rust::fd_path;
using kv_pairs = std::vector<std::pair<std::string, std::string>>;

11
native/src/base/lib.rs
View File

@@ -6,18 +6,24 @@ pub use const_format;
pub use libc;
use num_traits::FromPrimitive;
pub use cstr::*;
pub use cstr::{
FsPathFollow, StrErr, Utf8CStr, Utf8CStrBuf, Utf8CStrBufArr, Utf8CStrBufRef, Utf8CString,
};
use cxx_extern::*;
pub use dir::*;
pub use ffi::fork_dont_care;
pub use files::*;
pub use logging::*;
pub use misc::*;
pub use result::*;
mod cstr;
pub mod cstr;
mod cxx_extern;
mod dir;
mod files;
mod logging;
mod misc;
mod mount;
mod result;
mod xwrap;
@@ -42,6 +48,7 @@ pub mod ffi {
type Utf8CStrRef<'a> = &'a crate::cstr::Utf8CStr;
fn mut_u8_patch(buf: &mut [u8], from: &[u8], to: &[u8]) -> Vec<usize>;
fn fork_dont_care() -> i32;
}
extern "Rust" {

8
native/src/base/logging.rs
View File

@@ -1,13 +1,13 @@
use std::fmt;
use std::fmt::Arguments;
use std::io::{stderr, stdout, Write};
use std::io::{Write, stderr, stdout};
use std::process::exit;
use num_derive::{FromPrimitive, ToPrimitive};
use num_traits::FromPrimitive;
use crate::ffi::LogLevelCxx;
use crate::{Utf8CStr, Utf8CStrBufArr};
use crate::{Utf8CStr, cstr};
// Ugly hack to avoid using enum
#[allow(non_snake_case, non_upper_case_globals)]
@@ -84,7 +84,7 @@ fn log_with_writer<F: FnOnce(LogWriter)>(level: LogLevel, f: F) {
}
f(logger.write);
if matches!(level, LogLevel::ErrorCxx) && (logger.flags & LogFlag::ExitOnError) != 0 {
exit(1);
exit(-1);
}
}
@@ -96,7 +96,7 @@ pub fn log_from_cxx(level: LogLevelCxx, msg: &Utf8CStr) {
pub fn log_with_formatter<F: FnOnce(Formatter) -> fmt::Result>(level: LogLevel, f: F) {
log_with_writer(level, |write| {
let mut buf = Utf8CStrBufArr::default();
let mut buf = cstr::buf::default();
f(&mut buf).ok();
write(level, &buf);
});

25
native/src/base/misc.cpp
View File

@@ -186,27 +186,6 @@ int parse_int(string_view s) {
return parse_num<int, 10>(s);
}
uint64_t parse_uint64_hex(string_view s) {
return parse_num<uint64_t, 16>(s);
}
uint32_t binary_gcd(uint32_t u, uint32_t v) {
if (u == 0) return v;
if (v == 0) return u;
auto shift = __builtin_ctz(u | v);
u >>= __builtin_ctz(u);
do {
v >>= __builtin_ctz(v);
if (u > v) {
auto t = v;
v = u;
u = t;
}
v -= u;
} while (v != 0);
return u << shift;
}
int switch_mnt_ns(int pid) {
int ret = -1;
int fd = syscall(__NR_pidfd_open, pid, 0);
@@ -255,10 +234,6 @@ vector<string> split(string_view s, string_view delims) {
return split_impl<string>(s, delims);
}
vector<string_view> split_view(string_view s, string_view delims) {
return split_impl<string_view>(s, delims);
}
#undef vsnprintf
int vssprintf(char *dest, size_t size, const char *fmt, va_list ap) {
if (size > 0) {

61
native/src/base/misc.hpp
View File

@@ -71,57 +71,6 @@ static inline void default_new(T *&p) { p = new T(); }
template<class T>
static inline void default_new(std::unique_ptr<T> &p) { p.reset(new T()); }
template<typename T, typename Impl>
class stateless_allocator {
public:
using value_type = T;
T *allocate(size_t num) { return static_cast<T*>(Impl::allocate(sizeof(T) * num)); }
void deallocate(T *ptr, size_t num) { Impl::deallocate(ptr, sizeof(T) * num); }
stateless_allocator() = default;
stateless_allocator(const stateless_allocator&) = default;
stateless_allocator(stateless_allocator&&) = default;
template <typename U>
stateless_allocator(const stateless_allocator<U, Impl>&) {}
bool operator==(const stateless_allocator&) { return true; }
bool operator!=(const stateless_allocator&) { return false; }
};
class dynamic_bitset_impl {
public:
using slot_type = unsigned long;
constexpr static int slot_size = sizeof(slot_type) * 8;
using slot_bits = std::bitset<slot_size>;
size_t slots() const { return slot_list.size(); }
slot_type get_slot(size_t slot) const {
return slot_list.size() > slot ? slot_list[slot].to_ulong() : 0ul;
}
void emplace_back(slot_type l) {
slot_list.emplace_back(l);
}
protected:
slot_bits::reference get(size_t pos) {
size_t slot = pos / slot_size;
size_t index = pos % slot_size;
if (slot_list.size() <= slot) {
slot_list.resize(slot + 1);
}
return slot_list[slot][index];
}
bool get(size_t pos) const {
size_t slot = pos / slot_size;
size_t index = pos % slot_size;
return slot_list.size() > slot && slot_list[slot][index];
}
private:
std::vector<slot_bits> slot_list;
};
struct dynamic_bitset : public dynamic_bitset_impl {
slot_bits::reference operator[] (size_t pos) { return get(pos); }
bool operator[] (size_t pos) const { return get(pos); }
};
struct StringCmp {
using is_transparent = void;
bool operator()(std::string_view a, std::string_view b) const { return a < b; }
@@ -198,13 +147,6 @@ struct byte_data : public byte_view {
rust::Vec<size_t> patch(byte_view from, byte_view to);
};
template<size_t N>
struct byte_array : public byte_data {
byte_array() : byte_data(arr, N), arr{0} {}
private:
uint8_t arr[N];
};
class byte_stream;
struct heap_data : public byte_data {
@@ -238,7 +180,6 @@ rust::Vec<size_t> mut_u8_patch(
rust::Slice<const uint8_t> from,
rust::Slice<const uint8_t> to);
uint64_t parse_uint64_hex(std::string_view s);
int parse_int(std::string_view s);
using thread_entry = void *(*)(void *);
@@ -270,11 +211,9 @@ int fork_dont_care();
int fork_no_orphan();
void init_argv0(int argc, char **argv);
void set_nice_name(const char *name);
uint32_t binary_gcd(uint32_t u, uint32_t v);
int switch_mnt_ns(int pid);
std::string &replace_all(std::string &str, std::string_view from, std::string_view to);
std::vector<std::string> split(std::string_view s, std::string_view delims);
std::vector<std::string_view> split_view(std::string_view, std::string_view delims);
// Similar to vsnprintf, but the return value is the written number of bytes
__printflike(3, 0) int vssprintf(char *dest, size_t size, const char *fmt, va_list ap);

126
native/src/base/misc.rs
View File

@@ -1,12 +1,13 @@
use std::fmt::Arguments;
use std::io::Write;
use std::process::exit;
use std::{fmt, io, slice, str};
use crate::{StrErr, Utf8CStr, ffi};
use argh::EarlyExit;
use libc::c_char;
use crate::{ffi, StrErr, Utf8CStr};
use std::fmt::Arguments;
use std::io::Write;
use std::mem::ManuallyDrop;
use std::process::exit;
use std::sync::Arc;
use std::sync::atomic::{AtomicPtr, Ordering};
use std::{fmt, slice, str};
pub fn errno() -> &'static mut i32 {
unsafe { &mut *libc::__errno() }
@@ -15,67 +16,25 @@ pub fn errno() -> &'static mut i32 {
// When len is 0, don't care whether buf is null or not
#[inline]
pub unsafe fn slice_from_ptr<'a, T>(buf: *const T, len: usize) -> &'a [T] {
if len == 0 {
&[]
} else {
slice::from_raw_parts(buf, len)
unsafe {
if len == 0 {
&[]
} else {
slice::from_raw_parts(buf, len)
}
}
}
// When len is 0, don't care whether buf is null or not
#[inline]
pub unsafe fn slice_from_ptr_mut<'a, T>(buf: *mut T, len: usize) -> &'a mut [T] {
if len == 0 {
&mut []
} else {
slice::from_raw_parts_mut(buf, len)
}
}
// Check libc return value and map to Result
pub trait LibcReturn
where
Self: Copy,
{
fn is_error(&self) -> bool;
fn check_os_err(self) -> io::Result<Self> {
if self.is_error() {
Err(io::Error::last_os_error())
unsafe {
if len == 0 {
&mut []
} else {
Ok(self)
slice::from_raw_parts_mut(buf, len)
}
}
fn as_os_err(self) -> io::Result<()> {
self.check_os_err()?;
Ok(())
}
}
macro_rules! impl_libc_return {
($($t:ty)*) => ($(
impl LibcReturn for $t {
#[inline]
fn is_error(&self) -> bool {
*self < 0
}
}
)*)
}
impl_libc_return! { i8 i16 i32 i64 isize }
impl<T> LibcReturn for *const T {
#[inline]
fn is_error(&self) -> bool {
self.is_null()
}
}
impl<T> LibcReturn for *mut T {
#[inline]
fn is_error(&self) -> bool {
self.is_null()
}
}
pub trait BytesExt {
@@ -161,3 +120,52 @@ impl<T: Write> fmt::Write for FmtAdaptor<'_, T> {
self.0.write_fmt(args).map_err(|_| fmt::Error)
}
}
pub struct AtomicArc<T> {
ptr: AtomicPtr<T>,
}
impl<T> AtomicArc<T> {
pub fn new(arc: Arc<T>) -> AtomicArc<T> {
let raw = Arc::into_raw(arc);
Self {
ptr: AtomicPtr::new(raw as *mut _),
}
}
pub fn load(&self) -> Arc<T> {
let raw = self.ptr.load(Ordering::Acquire);
// SAFETY: the raw pointer is always created from Arc::into_raw
let arc = ManuallyDrop::new(unsafe { Arc::from_raw(raw) });
ManuallyDrop::into_inner(arc.clone())
}
fn swap_ptr(&self, raw: *const T) -> Arc<T> {
let prev = self.ptr.swap(raw as *mut _, Ordering::AcqRel);
// SAFETY: the raw pointer is always created from Arc::into_raw
unsafe { Arc::from_raw(prev) }
}
pub fn swap(&self, arc: Arc<T>) -> Arc<T> {
let raw = Arc::into_raw(arc);
self.swap_ptr(raw)
}
pub fn store(&self, arc: Arc<T>) {
// Drop the previous value
let _ = self.swap(arc);
}
}
impl<T> Drop for AtomicArc<T> {
fn drop(&mut self) {
// Drop the internal value
let _ = self.swap_ptr(std::ptr::null());
}
}
impl<T: Default> Default for AtomicArc<T> {
fn default() -> Self {
Self::new(Default::default())
}
}

90
native/src/base/mount.rs Normal file
View File

@@ -0,0 +1,90 @@
use crate::{LibcReturn, OsResult, Utf8CStr};
use libc::c_ulong;
use std::ptr;
impl Utf8CStr {
pub fn bind_mount_to<'a>(&'a self, path: &'a Utf8CStr) -> OsResult<'a, ()> {
unsafe {
libc::mount(
self.as_ptr(),
path.as_ptr(),
ptr::null(),
libc::MS_BIND,
ptr::null(),
)
.check_os_err("bind_mount", Some(self), Some(path))
}
}
pub fn remount_mount_point_flags(&self, flags: c_ulong) -> OsResult<()> {
unsafe {
libc::mount(
ptr::null(),
self.as_ptr(),
ptr::null(),
libc::MS_BIND | libc::MS_REMOUNT | flags,
ptr::null(),
)
.check_os_err("remount", Some(self), None)
}
}
pub fn remount_mount_flags(&self, flags: c_ulong) -> OsResult<()> {
unsafe {
libc::mount(
ptr::null(),
self.as_ptr(),
ptr::null(),
libc::MS_REMOUNT | flags,
ptr::null(),
)
.check_os_err("remount", Some(self), None)
}
}
pub fn remount_with_data(&self, data: &Utf8CStr) -> OsResult<()> {
unsafe {
libc::mount(
ptr::null(),
self.as_ptr(),
ptr::null(),
libc::MS_REMOUNT,
data.as_ptr().cast(),
)
.check_os_err("remount", Some(self), None)
}
}
pub fn move_mount_to<'a>(&'a self, path: &'a Utf8CStr) -> OsResult<'a, ()> {
unsafe {
libc::mount(
self.as_ptr(),
path.as_ptr(),
ptr::null(),
libc::MS_MOVE,
ptr::null(),
)
.check_os_err("move_mount", Some(self), Some(path))
}
}
pub fn unmount(&self) -> OsResult<()> {
unsafe {
libc::umount2(self.as_ptr(), libc::MNT_DETACH).check_os_err("unmount", Some(self), None)
}
}
pub fn set_mount_private(&self, recursive: bool) -> OsResult<()> {
let flag = if recursive { libc::MS_REC } else { 0 };
unsafe {
libc::mount(
ptr::null(),
self.as_ptr(),
ptr::null(),
libc::MS_PRIVATE | flag,
ptr::null(),
)
.check_os_err("set_mount_private", Some(self), None)
}
}
}

228
native/src/base/result.rs
View File

@@ -1,9 +1,10 @@
use std::fmt;
use crate::logging::Formatter;
use crate::{LogLevel, errno, log_with_args, log_with_formatter};
use std::fmt::Display;
use std::panic::Location;
use crate::logging::Formatter;
use crate::{log_with_args, log_with_formatter, LogLevel};
use std::ptr::NonNull;
use std::{fmt, io};
use thiserror::Error;
// Error handling throughout the Rust codebase in Magisk:
//
@@ -55,12 +56,12 @@ impl<T> SilentResultExt<T> for Option<T> {
pub trait ResultExt<T> {
fn log(self) -> LoggedResult<T>;
fn log_with_msg<F: FnOnce(Formatter) -> fmt::Result>(self, f: F) -> LoggedResult<T>;
fn log_ok(self);
}
// Internal C++ bridging logging routines
pub(crate) trait CxxResultExt<T> {
fn log_cxx(self) -> LoggedResult<T>;
fn log_cxx_with_msg<F: FnOnce(Formatter) -> fmt::Result>(self, f: F) -> LoggedResult<T>;
}
trait Loggable<T> {
@@ -77,10 +78,6 @@ impl<T, R: Loggable<T>> CxxResultExt<T> for R {
fn log_cxx(self) -> LoggedResult<T> {
self.do_log(LogLevel::ErrorCxx, None)
}
fn log_cxx_with_msg<F: FnOnce(Formatter) -> fmt::Result>(self, f: F) -> LoggedResult<T> {
self.do_log_msg(LogLevel::ErrorCxx, None, f)
}
}
impl<T, R: Loggable<T>> ResultExt<T> for R {
@@ -105,6 +102,17 @@ impl<T, R: Loggable<T>> ResultExt<T> for R {
fn log_with_msg<F: FnOnce(Formatter) -> fmt::Result>(self, f: F) -> LoggedResult<T> {
self.do_log_msg(LogLevel::Error, Some(Location::caller()), f)
}
#[cfg(not(debug_assertions))]
fn log_ok(self) {
self.log().ok();
}
#[track_caller]
#[cfg(debug_assertions)]
fn log_ok(self) {
self.do_log(LogLevel::Error, Some(Location::caller())).ok();
}
}
impl<T> Loggable<T> for LoggedResult<T> {
@@ -193,3 +201,205 @@ impl<T: Display> From<T> for LoggedError {
LoggedError::default()
}
}
// Check libc return value and map to Result
pub trait LibcReturn
where
Self: Copy,
{
type Value;
fn is_error(&self) -> bool;
fn map_val(self) -> Self::Value;
fn as_os_result<'a>(
self,
name: &'static str,
arg1: Option<&'a str>,
arg2: Option<&'a str>,
) -> OsResult<'a, Self::Value> {
if self.is_error() {
Err(OsError::last_os_error(name, arg1, arg2))
} else {
Ok(self.map_val())
}
}
fn check_os_err<'a>(
self,
name: &'static str,
arg1: Option<&'a str>,
arg2: Option<&'a str>,
) -> OsResult<'a, ()> {
if self.is_error() {
Err(OsError::last_os_error(name, arg1, arg2))
} else {
Ok(())
}
}
fn check_io_err(self) -> io::Result<()> {
if self.is_error() {
Err(io::Error::last_os_error())
} else {
Ok(())
}
}
}
macro_rules! impl_libc_return {
($($t:ty)*) => ($(
impl LibcReturn for $t {
type Value = Self;
#[inline(always)]
fn is_error(&self) -> bool {
*self < 0
}
#[inline(always)]
fn map_val(self) -> Self::Value {
self
}
}
)*)
}
impl_libc_return! { i8 i16 i32 i64 isize }
impl<T> LibcReturn for *mut T {
type Value = NonNull<T>;
#[inline(always)]
fn is_error(&self) -> bool {
self.is_null()
}
#[inline(always)]
fn map_val(self) -> NonNull<T> {
// SAFETY: pointer is null checked by is_error
unsafe { NonNull::new_unchecked(self.cast()) }
}
}
#[derive(Debug)]
enum OwnableStr<'a> {
None,
Borrowed(&'a str),
Owned(Box<str>),
}
impl OwnableStr<'_> {
fn into_owned(self) -> OwnableStr<'static> {
match self {
OwnableStr::None => OwnableStr::None,
OwnableStr::Borrowed(s) => OwnableStr::Owned(Box::from(s)),
OwnableStr::Owned(s) => OwnableStr::Owned(s),
}
}
fn ok(&self) -> Option<&str> {
match self {
OwnableStr::None => None,
OwnableStr::Borrowed(s) => Some(*s),
OwnableStr::Owned(s) => Some(s),
}
}
}
impl<'a> From<Option<&'a str>> for OwnableStr<'a> {
fn from(value: Option<&'a str>) -> Self {
value.map(OwnableStr::Borrowed).unwrap_or(OwnableStr::None)
}
}
#[derive(Debug)]
pub struct OsError<'a> {
code: i32,
name: &'static str,
arg1: OwnableStr<'a>,
arg2: OwnableStr<'a>,
}
impl OsError<'_> {
pub fn with_os_error<'a>(
code: i32,
name: &'static str,
arg1: Option<&'a str>,
arg2: Option<&'a str>,
) -> OsError<'a> {
OsError {
code,
name,
arg1: OwnableStr::from(arg1),
arg2: OwnableStr::from(arg2),
}
}
pub fn last_os_error<'a>(
name: &'static str,
arg1: Option<&'a str>,
arg2: Option<&'a str>,
) -> OsError<'a> {
Self::with_os_error(*errno(), name, arg1, arg2)
}
pub fn set_args<'a>(self, arg1: Option<&'a str>, arg2: Option<&'a str>) -> OsError<'a> {
Self::with_os_error(self.code, self.name, arg1, arg2)
}
pub fn into_owned(self) -> OsError<'static> {
OsError {
code: *errno(),
name: self.name,
arg1: self.arg1.into_owned(),
arg2: self.arg2.into_owned(),
}
}
fn as_io_error(&self) -> io::Error {
io::Error::from_raw_os_error(self.code)
}
}
impl Display for OsError<'_> {
fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
let error = self.as_io_error();
if self.name.is_empty() {
write!(f, "{:#}", error)
} else {
match (self.arg1.ok(), self.arg2.ok()) {
(Some(arg1), Some(arg2)) => {
write!(f, "{} '{}' '{}': {:#}", self.name, arg1, arg2, error)
}
(Some(arg1), None) => {
write!(f, "{} '{}': {:#}", self.name, arg1, error)
}
_ => {
write!(f, "{}: {:#}", self.name, error)
}
}
}
}
}
impl std::error::Error for OsError<'_> {}
pub type OsResult<'a, T> = Result<T, OsError<'a>>;
#[derive(Debug, Error)]
pub enum OsErrorStatic {
#[error(transparent)]
Os(OsError<'static>),
#[error(transparent)]
Io(#[from] io::Error),
}
// Convert non-static OsError to static
impl<'a> From<OsError<'a>> for OsErrorStatic {
fn from(value: OsError<'a>) -> Self {
OsErrorStatic::Os(value.into_owned())
}
}
pub type OsResultStatic<T> = Result<T, OsErrorStatic>;

13
native/src/base/xwrap.hpp
View File

@@ -15,7 +15,6 @@ int xopenat(int dirfd, const char *pathname, int flags, mode_t mode = 0);
ssize_t xwrite(int fd, const void *buf, size_t count);
ssize_t xread(int fd, void *buf, size_t count);
ssize_t xxread(int fd, void *buf, size_t count);
off64_t xlseek64(int fd, off64_t offset, int whence);
int xsetns(int fd, int nstype);
int xunshare(int flags);
DIR *xopendir(const char *name);
@@ -26,33 +25,21 @@ int xsocket(int domain, int type, int protocol);
int xbind(int sockfd, const struct sockaddr *addr, socklen_t addrlen);
int xlisten(int sockfd, int backlog);
int xaccept4(int sockfd, struct sockaddr *addr, socklen_t *addrlen, int flags);
ssize_t xsendmsg(int sockfd, const struct msghdr *msg, int flags);
ssize_t xrecvmsg(int sockfd, struct msghdr *msg, int flags);
int xaccess(const char *path, int mode);
int xfaccessat(int dirfd, const char *pathname, int mode, int flags);
int xstat(const char *pathname, struct stat *buf);
int xlstat(const char *pathname, struct stat *buf);
int xfstat(int fd, struct stat *buf);
int xfstatat(int dirfd, const char *pathname, struct stat *buf, int flags);
int xdup(int fd);
int xdup2(int oldfd, int newfd);
int xdup3(int oldfd, int newfd, int flags);
ssize_t xreadlink(const char * __restrict__ pathname, char * __restrict__ buf, size_t bufsiz);
ssize_t xreadlinkat(
int dirfd, const char * __restrict__ pathname, char * __restrict__ buf, size_t bufsiz);
int xsymlink(const char *target, const char *linkpath);
int xsymlinkat(const char *target, int newdirfd, const char *linkpath);
int xlinkat(int olddirfd, const char *oldpath, int newdirfd, const char *newpath, int flags);
int xmount(const char *source, const char *target,
const char *filesystemtype, unsigned long mountflags,
const void *data);
int xumount(const char *target);
int xumount2(const char *target, int flags);
int xrename(const char *oldpath, const char *newpath);
int xmkdir(const char *pathname, mode_t mode);
int xmkdirs(const char *pathname, mode_t mode);
int xmkdirat(int dirfd, const char *pathname, mode_t mode);
void *xmmap(void *addr, size_t length, int prot, int flags, int fd, off_t offset);
ssize_t xsendfile(int out_fd, int in_fd, off_t *offset, size_t count);
pid_t xfork();
int xpoll(pollfd *fds, nfds_t nfds, int timeout);

715
native/src/base/xwrap.rs
View File

@@ -1,509 +1,306 @@
// Functions in this file are only for exporting to C++, DO NOT USE IN RUST
use std::ffi::CStr;
use std::os::unix::io::RawFd;
use std::ptr;
use crate::cxx_extern::readlinkat;
use crate::{
BorrowedDirectory, CxxResultExt, LibcReturn, Utf8CStr, cstr, slice_from_ptr, slice_from_ptr_mut,
};
use libc::{
c_char, c_uint, c_ulong, c_void, dev_t, mode_t, nfds_t, off_t, pollfd, sockaddr, socklen_t,
ssize_t, SYS_dup3,
};
use std::ffi::CStr;
use std::fs::File;
use std::io::{Read, Write};
use std::mem::ManuallyDrop;
use std::os::fd::FromRawFd;
use std::os::unix::io::RawFd;
use std::ptr;
use std::ptr::NonNull;
use crate::cxx_extern::readlinkat_for_cxx;
use crate::{errno, raw_cstr, CxxResultExt, FsPath, Utf8CStr, Utf8CStrBufRef};
fn ptr_to_str<'a, T>(ptr: *const T) -> &'a str {
fn ptr_to_str<'a>(ptr: *const c_char) -> Option<&'a str> {
if ptr.is_null() {
"(null)"
None
} else {
unsafe { CStr::from_ptr(ptr.cast()) }.to_str().unwrap_or("")
unsafe { CStr::from_ptr(ptr) }.to_str().ok()
}
}
fn error_str() -> &'static str {
unsafe { ptr_to_str(libc::strerror(*errno())) }
}
macro_rules! error_cxx {
($($args:tt)+) => {
($crate::log_with_args($crate::LogLevel::ErrorCxx, format_args_nl!($($args)+)))
}
}
macro_rules! perror {
($fmt:expr) => {
$crate::log_with_formatter($crate::LogLevel::ErrorCxx, |w| {
w.write_str($fmt)?;
w.write_fmt(format_args_nl!(" failed with {}: {}", $crate::errno(), error_str()))
})
};
($fmt:expr, $($args:tt)*) => {
$crate::log_with_formatter($crate::LogLevel::ErrorCxx, |w| {
w.write_fmt(format_args!($fmt, $($args)*))?;
w.write_fmt(format_args_nl!(" failed with {}: {}", $crate::errno(), error_str()))
})
};
}
mod c_export {
use std::os::unix::io::RawFd;
use crate::{slice_from_ptr, slice_from_ptr_mut};
#[no_mangle]
unsafe extern "C" fn xwrite(fd: RawFd, buf: *const u8, bufsz: usize) -> isize {
super::xwrite(fd, slice_from_ptr(buf, bufsz))
}
#[no_mangle]
unsafe extern "C" fn xxread(fd: RawFd, buf: *mut u8, bufsz: usize) -> isize {
super::xxread(fd, slice_from_ptr_mut(buf, bufsz))
}
}
#[no_mangle]
#[unsafe(no_mangle)]
unsafe extern "C" fn xrealpath(path: *const c_char, buf: *mut u8, bufsz: usize) -> isize {
match Utf8CStr::from_ptr(path) {
Ok(p) => {
let mut buf = Utf8CStrBufRef::from_ptr(buf, bufsz);
FsPath::from(p)
.realpath(&mut buf)
.log_cxx_with_msg(|w| w.write_fmt(format_args!("realpath {} failed", p)))
.map_or(-1, |_| buf.len() as isize)
unsafe {
match Utf8CStr::from_ptr(path) {
Ok(path) => {
let mut buf = cstr::buf::wrap_ptr(buf, bufsz);
path.realpath(&mut buf)
.log_cxx()
.map_or(-1, |_| buf.len() as isize)
}
Err(_) => -1,
}
Err(_) => -1,
}
}
#[no_mangle]
#[unsafe(no_mangle)]
unsafe extern "C" fn xreadlink(path: *const c_char, buf: *mut u8, bufsz: usize) -> isize {
match Utf8CStr::from_ptr(path) {
Ok(p) => {
let mut buf = Utf8CStrBufRef::from_ptr(buf, bufsz);
FsPath::from(p)
.read_link(&mut buf)
.log_cxx_with_msg(|w| w.write_fmt(format_args!("readlink {} failed", p)))
.map_or(-1, |_| buf.len() as isize)
unsafe {
match Utf8CStr::from_ptr(path) {
Ok(path) => {
let mut buf = cstr::buf::wrap_ptr(buf, bufsz);
path.read_link(&mut buf)
.log_cxx()
.map_or(-1, |_| buf.len() as isize)
}
Err(_) => -1,
}
Err(_) => -1,
}
}
#[no_mangle]
#[unsafe(no_mangle)]
unsafe extern "C" fn xreadlinkat(
dirfd: RawFd,
path: *const c_char,
buf: *mut u8,
bufsz: usize,
) -> isize {
let r = readlinkat_for_cxx(dirfd, path, buf, bufsz);
if r < 0 {
perror!("readlinkat {}", ptr_to_str(path))
}
r
}
#[no_mangle]
unsafe extern "C" fn xfopen(path: *const c_char, mode: *const c_char) -> *mut libc::FILE {
let fp = libc::fopen(path, mode);
if fp.is_null() {
perror!("fopen {}", ptr_to_str(path));
}
fp
}
#[no_mangle]
unsafe extern "C" fn xfdopen(fd: RawFd, mode: *const c_char) -> *mut libc::FILE {
let fp = libc::fdopen(fd, mode);
if fp.is_null() {
perror!("fdopen");
}
fp
}
#[no_mangle]
unsafe extern "C" fn xopen(path: *const c_char, flags: i32, mode: mode_t) -> RawFd {
let r = libc::open(path, flags, mode as c_uint);
if r < 0 {
perror!("open {}", ptr_to_str(path));
}
r
}
#[no_mangle]
unsafe extern "C" fn xopenat(dirfd: RawFd, path: *const c_char, flags: i32, mode: mode_t) -> RawFd {
let r = libc::openat(dirfd, path, flags, mode as c_uint);
if r < 0 {
perror!("openat {}", ptr_to_str(path));
}
r
}
// Fully write data slice
fn xwrite(fd: RawFd, data: &[u8]) -> isize {
unsafe {
let mut write_sz: usize = 0;
let mut r: ssize_t;
let mut remain: &[u8] = data;
loop {
r = libc::write(fd, remain.as_ptr().cast(), remain.len());
if r < 0 {
if *errno() == libc::EINTR {
continue;
}
perror!("write");
return r;
}
let r = r as usize;
write_sz += r;
remain = &remain[r..];
if r == 0 || remain.is_empty() {
break;
}
}
if !remain.is_empty() {
error_cxx!("write ({} != {})", write_sz, data.len())
}
write_sz as isize
readlinkat(dirfd, path, buf, bufsz)
.as_os_result("readlinkat", ptr_to_str(path), None)
.log_cxx()
.unwrap_or(-1)
}
}
#[no_mangle]
#[unsafe(no_mangle)]
unsafe extern "C" fn xfopen(path: *const c_char, mode: *const c_char) -> *mut libc::FILE {
unsafe {
libc::fopen(path, mode)
.as_os_result("fopen", ptr_to_str(path), None)
.log_cxx()
.map_or(ptr::null_mut(), NonNull::as_ptr)
}
}
#[unsafe(no_mangle)]
unsafe extern "C" fn xfdopen(fd: RawFd, mode: *const c_char) -> *mut libc::FILE {
unsafe {
libc::fdopen(fd, mode)
.as_os_result("fdopen", None, None)
.log_cxx()
.map_or(ptr::null_mut(), NonNull::as_ptr)
}
}
#[unsafe(no_mangle)]
unsafe extern "C" fn xopen(path: *const c_char, flags: i32, mode: mode_t) -> RawFd {
unsafe {
libc::open(path, flags, mode as c_uint)
.as_os_result("open", ptr_to_str(path), None)
.log_cxx()
.unwrap_or(-1)
}
}
#[unsafe(no_mangle)]
unsafe extern "C" fn xopenat(dirfd: RawFd, path: *const c_char, flags: i32, mode: mode_t) -> RawFd {
unsafe {
libc::openat(dirfd, path, flags, mode as c_uint)
.as_os_result("openat", ptr_to_str(path), None)
.log_cxx()
.unwrap_or(-1)
}
}
#[unsafe(no_mangle)]
unsafe extern "C" fn xwrite(fd: RawFd, buf: *const u8, bufsz: usize) -> isize {
let mut file = unsafe { ManuallyDrop::new(File::from_raw_fd(fd)) };
let data = unsafe { slice_from_ptr(buf, bufsz) };
file.write_all(data)
.log_cxx()
.map_or(-1, |_| data.len() as isize)
}
#[unsafe(no_mangle)]
unsafe extern "C" fn xread(fd: RawFd, buf: *mut c_void, bufsz: usize) -> isize {
unsafe {
let r = libc::read(fd, buf, bufsz);
if r < 0 {
perror!("read");
}
r
libc::read(fd, buf, bufsz)
.as_os_result("read", None, None)
.log_cxx()
.unwrap_or(-1)
}
}
// Fully read size of data slice
fn xxread(fd: RawFd, data: &mut [u8]) -> isize {
unsafe {
let mut read_sz: usize = 0;
let mut r: ssize_t;
let mut remain: &mut [u8] = data;
loop {
r = libc::read(fd, remain.as_mut_ptr().cast(), remain.len());
if r < 0 {
if *errno() == libc::EINTR {
continue;
}
perror!("read");
return r;
}
let r = r as usize;
read_sz += r;
remain = &mut remain[r..];
if r == 0 || remain.is_empty() {
break;
}
}
if !remain.is_empty() {
error_cxx!("read ({} != {})", read_sz, data.len())
}
read_sz as isize
}
}
#[no_mangle]
extern "C" fn xlseek64(fd: RawFd, offset: i64, whence: i32) -> i64 {
unsafe {
let r = libc::lseek64(fd, offset, whence);
if r < 0 {
perror!("lseek64");
}
r
}
#[unsafe(no_mangle)]
unsafe extern "C" fn xxread(fd: RawFd, buf: *mut u8, bufsz: usize) -> isize {
let mut file = unsafe { ManuallyDrop::new(File::from_raw_fd(fd)) };
let data = unsafe { slice_from_ptr_mut(buf, bufsz) };
file.read_exact(data)
.log_cxx()
.map_or(-1, |_| data.len() as isize)
}
pub(crate) fn xpipe2(fds: &mut [i32; 2], flags: i32) -> i32 {
unsafe {
let r = libc::pipe2(fds.as_mut_ptr(), flags);
if r < 0 {
perror!("pipe2");
}
r
libc::pipe2(fds.as_mut_ptr(), flags)
.as_os_result("pipe2", None, None)
.log_cxx()
.unwrap_or(-1)
}
}
#[no_mangle]
#[unsafe(no_mangle)]
extern "C" fn xsetns(fd: RawFd, nstype: i32) -> i32 {
unsafe {
let r = libc::setns(fd, nstype);
if r < 0 {
perror!("setns");
}
r
libc::setns(fd, nstype)
.as_os_result("setns", None, None)
.log_cxx()
.unwrap_or(-1)
}
}
#[no_mangle]
#[unsafe(no_mangle)]
extern "C" fn xunshare(flags: i32) -> i32 {
unsafe {
let r = libc::unshare(flags);
if r < 0 {
perror!("unshare");
}
r
libc::unshare(flags)
.as_os_result("unshare", None, None)
.log_cxx()
.unwrap_or(-1)
}
}
#[no_mangle]
#[unsafe(no_mangle)]
unsafe extern "C" fn xopendir(path: *const c_char) -> *mut libc::DIR {
let dp = libc::opendir(path);
if dp.is_null() {
perror!("opendir {}", ptr_to_str(path));
unsafe {
libc::opendir(path)
.as_os_result("opendir", ptr_to_str(path), None)
.log_cxx()
.map_or(ptr::null_mut(), NonNull::as_ptr)
}
dp
}
#[no_mangle]
#[unsafe(no_mangle)]
extern "C" fn xfdopendir(fd: RawFd) -> *mut libc::DIR {
unsafe {
let dp = libc::fdopendir(fd);
if dp.is_null() {
perror!("fdopendir");
}
dp
libc::fdopendir(fd)
.as_os_result("fdopendir", None, None)
.log_cxx()
.map_or(ptr::null_mut(), NonNull::as_ptr)
}
}
#[no_mangle]
unsafe extern "C" fn xreaddir(dirp: *mut libc::DIR) -> *mut libc::dirent {
*errno() = 0;
loop {
let e = libc::readdir(dirp);
if e.is_null() {
if *errno() != 0 {
perror!("readdir")
}
} else {
// Filter out . and ..
let s = (*e).d_name.as_ptr();
if libc::strcmp(s, raw_cstr!(".")) == 0 || libc::strcmp(s, raw_cstr!("..")) == 0 {
continue;
}
};
return e;
}
#[unsafe(no_mangle)]
unsafe extern "C" fn xreaddir(mut dir: BorrowedDirectory) -> *mut libc::dirent {
dir.read()
.log_cxx()
.ok()
.flatten()
.map_or(ptr::null_mut(), |entry| entry.as_ptr())
}
#[no_mangle]
#[unsafe(no_mangle)]
extern "C" fn xsetsid() -> i32 {
unsafe {
let r = libc::setsid();
if r < 0 {
perror!("setsid");
}
r
libc::setsid()
.as_os_result("setsid", None, None)
.log_cxx()
.unwrap_or(-1)
}
}
#[no_mangle]
#[unsafe(no_mangle)]
extern "C" fn xsocket(domain: i32, ty: i32, protocol: i32) -> RawFd {
unsafe {
let fd = libc::socket(domain, ty, protocol);
if fd < 0 {
perror!("socket");
}
fd
libc::socket(domain, ty, protocol)
.as_os_result("socket", None, None)
.log_cxx()
.unwrap_or(-1)
}
}
#[no_mangle]
#[unsafe(no_mangle)]
unsafe extern "C" fn xbind(socket: i32, address: *const sockaddr, len: socklen_t) -> i32 {
let r = libc::bind(socket, address, len);
if r < 0 {
perror!("bind");
unsafe {
libc::bind(socket, address, len)
.as_os_result("bind", None, None)
.log_cxx()
.unwrap_or(-1)
}
r
}
#[no_mangle]
#[unsafe(no_mangle)]
extern "C" fn xlisten(socket: i32, backlog: i32) -> i32 {
unsafe {
let r = libc::listen(socket, backlog);
if r < 0 {
perror!("listen");
}
r
libc::listen(socket, backlog)
.as_os_result("listen", None, None)
.log_cxx()
.unwrap_or(-1)
}
}
#[no_mangle]
#[unsafe(no_mangle)]
unsafe extern "C" fn xaccept4(
sockfd: RawFd,
addr: *mut sockaddr,
len: *mut socklen_t,
flg: i32,
) -> RawFd {
let fd = libc::accept4(sockfd, addr, len, flg);
if fd < 0 {
perror!("accept4");
unsafe {
libc::accept4(sockfd, addr, len, flg)
.as_os_result("accept4", None, None)
.log_cxx()
.unwrap_or(-1)
}
fd
}
#[no_mangle]
unsafe extern "C" fn xsendmsg(fd: RawFd, msg: *const libc::msghdr, flags: i32) -> ssize_t {
let r = libc::sendmsg(fd, msg, flags);
if r < 0 {
perror!("sendmsg");
}
r
}
#[no_mangle]
unsafe extern "C" fn xrecvmsg(fd: RawFd, msg: *mut libc::msghdr, flags: i32) -> ssize_t {
let r = libc::recvmsg(fd, msg, flags);
if r < 0 {
perror!("recvmsg");
}
r
}
#[no_mangle]
unsafe extern "C" fn xaccess(path: *const c_char, mode: i32) -> i32 {
let r = libc::access(path, mode);
if r < 0 {
perror!("access {}", ptr_to_str(path));
}
r
}
#[no_mangle]
unsafe extern "C" fn xfaccessat(dirfd: RawFd, path: *const c_char, mode: i32, flags: i32) -> i32 {
#[allow(unused_mut)]
let mut r = libc::faccessat(dirfd, path, mode, flags);
if r < 0 {
perror!("faccessat {}", ptr_to_str(path));
}
#[cfg(any(target_arch = "x86", target_arch = "x86_64"))]
if r > 0 && *errno() == 0 {
r = 0
}
r
}
#[no_mangle]
#[unsafe(no_mangle)]
unsafe extern "C" fn xstat(path: *const c_char, buf: *mut libc::stat) -> i32 {
let r = libc::stat(path, buf);
if r < 0 {
perror!("stat {}", ptr_to_str(path));
unsafe {
libc::stat(path, buf)
.as_os_result("stat", ptr_to_str(path), None)
.log_cxx()
.unwrap_or(-1)
}
r
}
#[no_mangle]
unsafe extern "C" fn xlstat(path: *const c_char, buf: *mut libc::stat) -> i32 {
let r = libc::lstat(path, buf);
if r < 0 {
perror!("lstat {}", ptr_to_str(path));
}
r
}
#[no_mangle]
#[unsafe(no_mangle)]
unsafe extern "C" fn xfstat(fd: RawFd, buf: *mut libc::stat) -> i32 {
let r = libc::fstat(fd, buf);
if r < 0 {
perror!("fstat");
unsafe {
libc::fstat(fd, buf)
.as_os_result("fstat", None, None)
.log_cxx()
.unwrap_or(-1)
}
r
}
#[no_mangle]
unsafe extern "C" fn xfstatat(
dirfd: RawFd,
path: *const c_char,
buf: *mut libc::stat,
flags: i32,
) -> i32 {
let r = libc::fstatat(dirfd, path, buf, flags);
if r < 0 {
perror!("fstatat {}", ptr_to_str(path));
}
r
}
#[no_mangle]
#[unsafe(no_mangle)]
extern "C" fn xdup(oldfd: RawFd) -> RawFd {
unsafe {
let fd = libc::dup(oldfd);
if fd < 0 {
perror!("dup");
}
fd
libc::dup(oldfd)
.as_os_result("dup", None, None)
.log_cxx()
.unwrap_or(-1)
}
}
#[no_mangle]
#[unsafe(no_mangle)]
extern "C" fn xdup2(oldfd: RawFd, newfd: RawFd) -> RawFd {
unsafe {
let fd = libc::dup2(oldfd, newfd);
if fd < 0 {
perror!("dup2");
}
fd
libc::dup2(oldfd, newfd)
.as_os_result("dup2", None, None)
.log_cxx()
.unwrap_or(-1)
}
}
#[no_mangle]
extern "C" fn xdup3(oldfd: RawFd, newfd: RawFd, flags: i32) -> RawFd {
unsafe {
let fd = libc::syscall(SYS_dup3, oldfd, newfd, flags) as RawFd;
if fd < 0 {
perror!("dup3");
}
fd
}
}
#[no_mangle]
#[unsafe(no_mangle)]
unsafe extern "C" fn xsymlink(target: *const c_char, linkpath: *const c_char) -> i32 {
let r = libc::symlink(target, linkpath);
if r < 0 {
perror!("symlink {} -> {}", ptr_to_str(target), ptr_to_str(linkpath));
unsafe {
libc::symlink(target, linkpath)
.as_os_result("symlink", ptr_to_str(target), ptr_to_str(linkpath))
.log_cxx()
.unwrap_or(-1)
}
r
}
#[no_mangle]
unsafe extern "C" fn xsymlinkat(
target: *const c_char,
dirfd: RawFd,
linkpath: *const c_char,
) -> i32 {
let r = libc::symlinkat(target, dirfd, linkpath);
if r < 0 {
perror!(
"symlinkat {} -> {}",
ptr_to_str(target),
ptr_to_str(linkpath)
);
}
r
}
#[no_mangle]
unsafe extern "C" fn xlinkat(
olddirfd: RawFd,
target: *const c_char,
newdirfd: RawFd,
linkpath: *const c_char,
flags: i32,
) -> i32 {
let r = libc::linkat(olddirfd, target, newdirfd, linkpath, flags);
if r < 0 {
perror!("linkat {} -> {}", ptr_to_str(target), ptr_to_str(linkpath));
}
r
}
#[no_mangle]
#[unsafe(no_mangle)]
unsafe extern "C" fn xmount(
src: *const c_char,
target: *const c_char,
@@ -511,125 +308,95 @@ unsafe extern "C" fn xmount(
flags: c_ulong,
data: *const c_void,
) -> i32 {
let r = libc::mount(src, target, fstype, flags, data);
if r < 0 {
perror!("mount {} -> {}", ptr_to_str(src), ptr_to_str(target));
unsafe {
libc::mount(src, target, fstype, flags, data)
.as_os_result("mount", ptr_to_str(src), ptr_to_str(target))
.log_cxx()
.unwrap_or(-1)
}
r
}
#[no_mangle]
unsafe extern "C" fn xumount(target: *const c_char) -> i32 {
let r = libc::umount(target);
if r < 0 {
perror!("umount {}", ptr_to_str(target));
}
r
}
#[no_mangle]
#[unsafe(no_mangle)]
unsafe extern "C" fn xumount2(target: *const c_char, flags: i32) -> i32 {
let r = libc::umount2(target, flags);
if r < 0 {
perror!("umount2 {}", ptr_to_str(target));
unsafe {
libc::umount2(target, flags)
.as_os_result("umount2", ptr_to_str(target), None)
.log_cxx()
.unwrap_or(-1)
}
r
}
#[no_mangle]
#[unsafe(no_mangle)]
unsafe extern "C" fn xrename(oldname: *const c_char, newname: *const c_char) -> i32 {
let r = libc::rename(oldname, newname);
if r < 0 {
perror!("rename {} -> {}", ptr_to_str(oldname), ptr_to_str(newname));
unsafe {
libc::rename(oldname, newname)
.as_os_result("rename", ptr_to_str(oldname), ptr_to_str(newname))
.log_cxx()
.unwrap_or(-1)
}
r
}
#[no_mangle]
#[unsafe(no_mangle)]
unsafe extern "C" fn xmkdir(path: *const c_char, mode: mode_t) -> i32 {
let r = libc::mkdir(path, mode);
if r < 0 && *errno() != libc::EEXIST {
perror!("mkdir {}", ptr_to_str(path));
unsafe {
match Utf8CStr::from_ptr(path) {
Ok(path) => path.mkdir(mode).log_cxx().map_or(-1, |_| 0),
Err(_) => -1,
}
}
r
}
#[no_mangle]
#[unsafe(no_mangle)]
unsafe extern "C" fn xmkdirs(path: *const c_char, mode: mode_t) -> i32 {
match Utf8CStr::from_ptr(path) {
Ok(p) => FsPath::from(p)
.mkdirs(mode)
.log_cxx_with_msg(|w| w.write_fmt(format_args!("mkdirs {} failed", p)))
.map_or(-1, |_| 0),
Err(_) => -1,
unsafe {
match Utf8CStr::from_ptr(path) {
Ok(path) => path.mkdirs(mode).log_cxx().map_or(-1, |_| 0),
Err(_) => -1,
}
}
}
#[no_mangle]
unsafe extern "C" fn xmkdirat(dirfd: RawFd, path: *const c_char, mode: mode_t) -> i32 {
let r = libc::mkdirat(dirfd, path, mode);
if r < 0 && *errno() != libc::EEXIST {
perror!("mkdirat {}", ptr_to_str(path));
}
r
}
#[no_mangle]
#[unsafe(no_mangle)]
unsafe extern "C" fn xsendfile(
out_fd: RawFd,
in_fd: RawFd,
offset: *mut off_t,
count: usize,
) -> isize {
let r = libc::sendfile(out_fd, in_fd, offset, count);
if r < 0 {
perror!("sendfile");
unsafe {
libc::sendfile(out_fd, in_fd, offset, count)
.as_os_result("sendfile", None, None)
.log_cxx()
.unwrap_or(-1)
}
r
}
#[no_mangle]
unsafe extern "C" fn xmmap(
addr: *mut c_void,
len: usize,
prot: i32,
flags: i32,
fd: RawFd,
offset: off_t,
) -> *mut c_void {
let r = libc::mmap(addr, len, prot, flags, fd, offset);
if r == libc::MAP_FAILED {
perror!("mmap");
return ptr::null_mut();
}
r
}
#[no_mangle]
#[unsafe(no_mangle)]
extern "C" fn xfork() -> i32 {
unsafe {
let r = libc::fork();
if r < 0 {
perror!("fork");
}
r
libc::fork()
.as_os_result("fork", None, None)
.log_cxx()
.unwrap_or(-1)
}
}
#[no_mangle]
#[unsafe(no_mangle)]
unsafe extern "C" fn xpoll(fds: *mut pollfd, nfds: nfds_t, timeout: i32) -> i32 {
let r = libc::poll(fds, nfds, timeout);
if r < 0 {
perror!("poll");
unsafe {
libc::poll(fds, nfds, timeout)
.as_os_result("poll", None, None)
.log_cxx()
.unwrap_or(-1)
}
r
}
#[no_mangle]
#[unsafe(no_mangle)]
unsafe extern "C" fn xmknod(pathname: *const c_char, mode: mode_t, dev: dev_t) -> i32 {
let r = libc::mknod(pathname, mode, dev);
if r < 0 {
perror!("mknod {}", ptr_to_str(pathname));
unsafe {
libc::mknod(pathname, mode, dev)
.as_os_result("mknod", ptr_to_str(pathname), None)
.log_cxx()
.unwrap_or(-1)
}
r
}

12
native/src/boot/Cargo.toml
View File

@@ -1,7 +1,7 @@
[package]
name = "magiskboot"
version = "0.0.0"
edition = "2021"
version.workspace = true
edition.workspace = true
[lib]
crate-type = ["staticlib"]
@@ -13,7 +13,7 @@ pb-rs = { workspace = true }
[dependencies]
base = { path = "../base" }
cxx = { path = "../external/cxx-rs" }
cxx = { workspace = true }
byteorder = { workspace = true }
size = { workspace = true }
quick-protobuf = { workspace = true }
@@ -30,3 +30,9 @@ der = { workspace = true, features = ["derive", "pem"] }
fdt = { workspace = true }
bytemuck = { workspace = true, features = ["derive", "min_const_generics"] }
num-traits = { workspace = true }
libz-rs-sys = { workspace = true }
libbz2-rs-sys = { workspace = true }
# Pin version to prevent cargo update break builds
block-buffer = { workspace = true }
sec1 = { workspace = true }

17
native/src/boot/bootimg.cpp
View File

@@ -431,9 +431,20 @@ bool boot_img::parse_image(const uint8_t *p, format_t type) {
}
if (k_fmt == ZIMAGE) {
z_hdr = reinterpret_cast<const zimage_hdr *>(kernel);
if (const void *gzip = memmem(kernel, hdr->kernel_size(), GZIP1_MAGIC "\x08\x00", 4)) {
const uint8_t* found_pos = 0;
for (const uint8_t* search_pos = kernel + 0x28; search_pos < kernel + hdr->kernel_size(); search_pos++) {
// ^^^^^^ +0x28 to search after zimage header and magic
if (check_fmt_lg(search_pos, hdr->kernel_size() - (search_pos - kernel)) != UNKNOWN) {
found_pos = search_pos;
search_pos = kernel + hdr->kernel_size();
}
}
if (found_pos != 0) {
fprintf(stderr, "ZIMAGE_KERNEL\n");
z_info.hdr_sz = (const uint8_t *) gzip - kernel;
z_info.hdr_sz = (const uint8_t *) found_pos - kernel;
// Find end of piggy
uint32_t zImage_size = z_hdr->end - z_hdr->start;
@@ -457,7 +468,7 @@ bool boot_img::parse_image(const uint8_t *p, format_t type) {
k_fmt = check_fmt_lg(kernel, hdr->kernel_size());
}
} else {
fprintf(stderr, "! Could not find zImage gzip piggy, keeping raw kernel\n");
fprintf(stderr, "! Could not find zImage piggy, keeping raw kernel\n");
}
}
fprintf(stderr, "%-*s [%s]\n", PADDING, "KERNEL_FMT", fmt2name[k_fmt]);

8
native/src/boot/build.rs
View File

@@ -1,9 +1,9 @@
use pb_rs::{types::FileDescriptor, ConfigBuilder};
use pb_rs::{ConfigBuilder, types::FileDescriptor};
use crate::gen::gen_cxx_binding;
use crate::codegen::gen_cxx_binding;
#[path = "../include/gen.rs"]
mod gen;
#[path = "../include/codegen.rs"]
mod codegen;
fn main() {
println!("cargo:rerun-if-changed=proto/update_metadata.proto");

287
native/src/boot/bzlib.h Normal file
View File

@@ -0,0 +1,287 @@
/*-------------------------------------------------------------*/
/*--- Public header file for the library. ---*/
/*--- bzlib.h ---*/
/*-------------------------------------------------------------*/
/* ------------------------------------------------------------------
This file is part of bzip2/libbzip2, a program and library for
lossless, block-sorting data compression.
bzip2/libbzip2 version 1.1.0 of 6 September 2010
Copyright (C) 1996-2010 Julian Seward <jseward@acm.org>
Please read the WARNING, DISCLAIMER and PATENTS sections in the
README file.
This program is released under the terms of the license contained
in the file LICENSE.
------------------------------------------------------------------ */
#ifndef _BZLIB_H
#define _BZLIB_H
#ifdef __cplusplus
extern "C" {
#endif
#define BZ_RUN 0
#define BZ_FLUSH 1
#define BZ_FINISH 2
#define BZ_OK 0
#define BZ_RUN_OK 1
#define BZ_FLUSH_OK 2
#define BZ_FINISH_OK 3
#define BZ_STREAM_END 4
#define BZ_SEQUENCE_ERROR (-1)
#define BZ_PARAM_ERROR (-2)
#define BZ_MEM_ERROR (-3)
#define BZ_DATA_ERROR (-4)
#define BZ_DATA_ERROR_MAGIC (-5)
#define BZ_IO_ERROR (-6)
#define BZ_UNEXPECTED_EOF (-7)
#define BZ_OUTBUFF_FULL (-8)
#define BZ_CONFIG_ERROR (-9)
typedef
struct {
char *next_in;
unsigned int avail_in;
unsigned int total_in_lo32;
unsigned int total_in_hi32;
char *next_out;
unsigned int avail_out;
unsigned int total_out_lo32;
unsigned int total_out_hi32;
void *state;
void *(*bzalloc)(void *,int,int);
void (*bzfree)(void *,void *);
void *opaque;
}
bz_stream;
#ifndef BZ_IMPORT
#define BZ_EXPORT
#endif
#ifndef BZ_NO_STDIO
/* Need a definitition for FILE */
#include <stdio.h>
#endif
#ifdef _WIN32
# include <windows.h>
# ifdef small
/* windows.h define small to char */
# undef small
# endif
# ifndef WINAPI
# define WINAPI
# endif
# ifdef BZ_EXPORT
# define BZ_API(func) WINAPI func
# define BZ_EXTERN extern
# else
/* import windows dll dynamically */
# define BZ_API(func) (WINAPI * func)
# define BZ_EXTERN
# endif
#else
# define BZ_API(func) func
#endif
#ifndef BZ_EXTERN
#define BZ_EXTERN extern
#endif
/*-- Core (low-level) library functions --*/
BZ_EXTERN int BZ_API(BZ2_bzCompressInit) (
bz_stream* strm,
int blockSize100k,
int verbosity,
int workFactor
);
BZ_EXTERN int BZ_API(BZ2_bzCompress) (
bz_stream* strm,
int action
);
BZ_EXTERN int BZ_API(BZ2_bzCompressEnd) (
bz_stream* strm
);
BZ_EXTERN int BZ_API(BZ2_bzDecompressInit) (
bz_stream *strm,
int verbosity,
int small
);
BZ_EXTERN int BZ_API(BZ2_bzDecompress) (
bz_stream* strm
);
BZ_EXTERN int BZ_API(BZ2_bzDecompressEnd) (
bz_stream *strm
);
/*-- High(er) level library functions --*/
#ifndef BZ_NO_STDIO
#define BZ_MAX_UNUSED 5000
typedef void BZFILE;
BZ_EXTERN BZFILE* BZ_API(BZ2_bzReadOpen) (
int* bzerror,
FILE* f,
int verbosity,
int small,
void* unused,
int nUnused
);
BZ_EXTERN void BZ_API(BZ2_bzReadClose) (
int* bzerror,
BZFILE* b
);
BZ_EXTERN void BZ_API(BZ2_bzReadGetUnused) (
int* bzerror,
BZFILE* b,
void** unused,
int* nUnused
);
BZ_EXTERN int BZ_API(BZ2_bzRead) (
int* bzerror,
BZFILE* b,
void* buf,
int len
);
BZ_EXTERN BZFILE* BZ_API(BZ2_bzWriteOpen) (
int* bzerror,
FILE* f,
int blockSize100k,
int verbosity,
int workFactor
);
BZ_EXTERN void BZ_API(BZ2_bzWrite) (
int* bzerror,
BZFILE* b,
void* buf,
int len
);
BZ_EXTERN void BZ_API(BZ2_bzWriteClose) (
int* bzerror,
BZFILE* b,
int abandon,
unsigned int* nbytes_in,
unsigned int* nbytes_out
);
BZ_EXTERN void BZ_API(BZ2_bzWriteClose64) (
int* bzerror,
BZFILE* b,
int abandon,
unsigned int* nbytes_in_lo32,
unsigned int* nbytes_in_hi32,
unsigned int* nbytes_out_lo32,
unsigned int* nbytes_out_hi32
);
#endif
/*-- Utility functions --*/
BZ_EXTERN int BZ_API(BZ2_bzBuffToBuffCompress) (
char* dest,
unsigned int* destLen,
char* source,
unsigned int sourceLen,
int blockSize100k,
int verbosity,
int workFactor
);
BZ_EXTERN int BZ_API(BZ2_bzBuffToBuffDecompress) (
char* dest,
unsigned int* destLen,
char* source,
unsigned int sourceLen,
int small,
int verbosity
);
/*--
Code contributed by Yoshioka Tsuneo (tsuneo@rr.iij4u.or.jp)
to support better zlib compatibility.
This code is not _officially_ part of libbzip2 (yet);
I haven't tested it, documented it, or considered the
threading-safeness of it.
If this code breaks, please contact both Yoshioka and me.
--*/
BZ_EXTERN const char * BZ_API(BZ2_bzlibVersion) (
void
);
#ifndef BZ_NO_STDIO
BZ_EXTERN BZFILE * BZ_API(BZ2_bzopen) (
const char *path,
const char *mode
);
BZ_EXTERN BZFILE * BZ_API(BZ2_bzdopen) (
int fd,
const char *mode
);
BZ_EXTERN int BZ_API(BZ2_bzread) (
BZFILE* b,
void* buf,
int len
);
BZ_EXTERN int BZ_API(BZ2_bzwrite) (
BZFILE* b,
void* buf,
int len
);
BZ_EXTERN int BZ_API(BZ2_bzflush) (
BZFILE* b
);
BZ_EXTERN void BZ_API(BZ2_bzclose) (
BZFILE* b
);
BZ_EXTERN const char * BZ_API(BZ2_bzerror) (
BZFILE *b,
int *errnum
);
#endif
#ifdef __cplusplus
}
#endif
#endif
/*-------------------------------------------------------------*/
/*--- end bzlib.h ---*/
/*-------------------------------------------------------------*/

6
native/src/boot/compress.cpp
View File

@@ -2,7 +2,7 @@
#include <functional>
#include <zlib.h>
#include <bzlib.h>
#include "bzlib.h"
#include <lzma.h>
#include <lz4.h>
#include <lz4frame.h>
@@ -153,7 +153,7 @@ class zopfli_encoder : public chunk_out_stream {
public:
explicit zopfli_encoder(out_strm_ptr &&base) :
chunk_out_stream(std::move(base), ZOPFLI_MASTER_BLOCK_SIZE),
zo{}, out(nullptr), outsize(0), crc(crc32_z(0L, Z_NULL, 0)), in_total(0), bp(0) {
zo{}, out(nullptr), outsize(0), crc(crc32(0L, Z_NULL, 0)), in_total(0), bp(0) {
ZopfliInitOptions(&zo);
// This config is already better than gzip -9
@@ -198,7 +198,7 @@ protected:
auto in = static_cast<const unsigned char *>(buf);
in_total += len;
crc = crc32_z(crc, in, len);
crc = crc32(crc, in, len);
ZopfliDeflatePart(&zo, 2, final, in, 0, len, &bp, &out, &outsize);

44
native/src/boot/cpio.rs
View File

@@ -10,18 +10,18 @@ use std::process::exit;
use std::str;
use argh::FromArgs;
use bytemuck::{from_bytes, Pod, Zeroable};
use bytemuck::{Pod, Zeroable, from_bytes};
use num_traits::cast::AsPrimitive;
use size::{Base, Size, Style};
use base::libc::{
c_char, dev_t, gid_t, major, makedev, minor, mknod, mode_t, uid_t, O_CLOEXEC, O_CREAT,
O_RDONLY, O_TRUNC, O_WRONLY, S_IFBLK, S_IFCHR, S_IFDIR, S_IFLNK, S_IFMT, S_IFREG, S_IRGRP,
S_IROTH, S_IRUSR, S_IWGRP, S_IWOTH, S_IWUSR, S_IXGRP, S_IXOTH, S_IXUSR,
O_CLOEXEC, O_CREAT, O_RDONLY, O_TRUNC, O_WRONLY, S_IFBLK, S_IFCHR, S_IFDIR, S_IFLNK, S_IFMT,
S_IFREG, S_IRGRP, S_IROTH, S_IRUSR, S_IWGRP, S_IWOTH, S_IWUSR, S_IXGRP, S_IXOTH, S_IXUSR,
c_char, dev_t, gid_t, major, makedev, minor, mknod, mode_t, uid_t,
};
use base::{
log_err, map_args, BytesExt, EarlyExitExt, FsPath, LoggedResult, MappedFile, ResultExt,
Utf8CStr, Utf8CStrBufArr, Utf8CStrWrite, WriteExt,
BytesExt, EarlyExitExt, LoggedResult, MappedFile, ResultExt, Utf8CStr, Utf8CStrBuf, WriteExt,
cstr, log_err, map_args,
};
use crate::check_env;
@@ -342,13 +342,13 @@ impl Cpio {
eprintln!("Extracting entry [{}] to [{}]", path, out);
let out = Utf8CStr::from_string(out);
let out = FsPath::from(out);
let mut buf = Utf8CStrBufArr::default();
let mut buf = cstr::buf::default();
// Make sure its parent directories exist
if out.parent(&mut buf) {
FsPath::from(&buf).mkdirs(0o755)?;
if let Some(dir) = out.parent_dir() {
buf.push_str(dir);
buf.mkdirs(0o755)?;
}
let mode: mode_t = (entry.mode & 0o777).into();
@@ -362,7 +362,7 @@ impl Cpio {
S_IFLNK => {
buf.clear();
buf.push_str(str::from_utf8(entry.data.as_slice())?);
FsPath::from(&buf).symlink_to(out)?;
out.create_symlink_to(&buf)?;
}
S_IFBLK | S_IFCHR => {
let dev = makedev(entry.rdevmajor.try_into()?, entry.rdevminor.try_into()?);
@@ -399,7 +399,6 @@ impl Cpio {
return Err(log_err!("path cannot end with / for add"));
}
let file = Utf8CStr::from_string(file);
let file = FsPath::from(&file);
let attr = file.get_attr()?;
let mut content = Vec::<u8>::new();
@@ -413,8 +412,8 @@ impl Cpio {
file.open(O_RDONLY | O_CLOEXEC)?.read_to_end(&mut content)?;
mode | S_IFREG
} else {
rdevmajor = unsafe { major(attr.st.st_rdev.as_()) }.as_();
rdevminor = unsafe { minor(attr.st.st_rdev.as_()) }.as_();
rdevmajor = major(attr.st.st_rdev.as_()).as_();
rdevminor = minor(attr.st.st_rdev.as_()).as_();
if attr.is_block_device() {
mode | S_IFBLK
} else if attr.is_char_device() {
@@ -746,8 +745,7 @@ impl Display for CpioEntry {
Size::from_bytes(self.data.len())
.format()
.with_style(Style::Abbreviated)
.with_base(Base::Base10)
.to_string(),
.with_base(Base::Base10),
self.rdevmajor,
self.rdevminor,
)
@@ -755,9 +753,9 @@ impl Display for CpioEntry {
}
pub fn cpio_commands(argc: i32, argv: *const *const c_char) -> bool {
fn inner(argc: i32, argv: *const *const c_char) -> LoggedResult<()> {
let res: LoggedResult<()> = try {
if argc < 1 {
return Err(log_err!("No arguments"));
Err(log_err!("No arguments"))?;
}
let cmds = map_args(argc, argv)?;
@@ -766,7 +764,7 @@ pub fn cpio_commands(argc: i32, argv: *const *const c_char) -> bool {
CpioCli::from_args(&["magiskboot", "cpio"], &cmds).on_early_exit(print_cpio_usage);
let file = Utf8CStr::from_string(&mut cli.file);
let mut cpio = if FsPath::from(file).exists() {
let mut cpio = if file.exists() {
Cpio::load_from_file(file)?
} else {
Cpio::new()
@@ -807,7 +805,7 @@ pub fn cpio_commands(argc: i32, argv: *const *const c_char) -> bool {
CpioAction::Add(Add { mode, path, file }) => cpio.add(*mode, path, file)?,
CpioAction::Extract(Extract { paths }) => {
if !paths.is_empty() && paths.len() != 2 {
return Err(log_err!("invalid arguments"));
Err(log_err!("invalid arguments"))?;
}
let mut it = paths.iter_mut();
cpio.extract(it.next(), it.next())?;
@@ -819,10 +817,8 @@ pub fn cpio_commands(argc: i32, argv: *const *const c_char) -> bool {
};
}
cpio.dump(file)?;
Ok(())
}
inner(argc, argv)
.log_with_msg(|w| w.write_str("Failed to process cpio"))
};
res.log_with_msg(|w| w.write_str("Failed to process cpio"))
.is_ok()
}

28
native/src/boot/dtb.rs
View File

@@ -2,12 +2,12 @@ use std::{cell::UnsafeCell, process::exit};
use argh::FromArgs;
use fdt::{
Fdt, FdtError,
node::{FdtNode, NodeProperty},
Fdt,
};
use base::{
libc::c_char, log_err, map_args, EarlyExitExt, LoggedResult, MappedFile, ResultExt, Utf8CStr,
EarlyExitExt, LoggedResult, MappedFile, ResultExt, Utf8CStr, libc::c_char, log_err, map_args,
};
use crate::{check_env, patch::patch_verity};
@@ -171,15 +171,17 @@ fn for_each_fdt<F: FnMut(usize, Fdt) -> LoggedResult<()>>(
if slice.len() < 40 {
break;
}
let fdt = Fdt::new(slice)?;
let fdt = match Fdt::new(slice) {
Err(FdtError::BufferTooSmall) => {
eprintln!("dtb.{:04} is truncated", dtb_num);
break;
}
Ok(fdt) => fdt,
e => e?,
};
let size = fdt.total_size();
if size > slice.len() {
eprintln!("dtb.{:04} is truncated", dtb_num);
break;
}
f(dtb_num, fdt)?;
dtb_num += 1;
@@ -273,9 +275,9 @@ fn dtb_patch(file: &Utf8CStr) -> LoggedResult<bool> {
}
pub fn dtb_commands(argc: i32, argv: *const *const c_char) -> bool {
fn inner(argc: i32, argv: *const *const c_char) -> LoggedResult<()> {
let res: LoggedResult<()> = try {
if argc < 1 {
return Err(log_err!("No arguments"));
Err(log_err!("No arguments"))?;
}
let cmds = map_args(argc, argv)?;
@@ -299,9 +301,7 @@ pub fn dtb_commands(argc: i32, argv: *const *const c_char) -> bool {
}
}
}
Ok(())
}
inner(argc, argv)
.log_with_msg(|w| w.write_str("Failed to process dtb"))
};
res.log_with_msg(|w| w.write_str("Failed to process dtb"))
.is_ok()
}

23
native/src/boot/lib.rs
View File

@@ -1,13 +1,16 @@
#![feature(format_args_nl)]
#![feature(btree_extract_if)]
#![feature(iter_intersperse)]
#![feature(try_blocks)]
pub use base;
use cpio::cpio_commands;
use dtb::dtb_commands;
pub use libbz2_rs_sys::*;
pub use libz_rs_sys::*;
use patch::hexpatch;
use payload::extract_boot_from_payload;
use sign::{get_sha, sha1_hash, sha256_hash, sign_boot_image, verify_boot_image, SHA};
use sign::{SHA, get_sha, sha1_hash, sha256_hash, sign_boot_image, verify_boot_image};
use std::env;
mod cpio;
@@ -21,6 +24,14 @@ mod sign;
#[cxx::bridge]
pub mod ffi {
unsafe extern "C++" {
include!("../base/include/base.hpp");
#[namespace = "rust"]
#[cxx_name = "Utf8CStr"]
type Utf8CStrRef<'a> = base::ffi::Utf8CStrRef<'a>;
}
unsafe extern "C++" {
include!("compress.hpp");
fn decompress(buf: &[u8], fd: i32) -> bool;
@@ -51,10 +62,10 @@ pub mod ffi {
#[namespace = "rust"]
#[allow(unused_unsafe)]
extern "Rust" {
unsafe fn extract_boot_from_payload(
partition: *const c_char,
in_path: *const c_char,
out_path: *const c_char,
fn extract_boot_from_payload(
partition: Utf8CStrRef,
in_path: Utf8CStrRef,
out_path: Utf8CStrRef,
) -> bool;
unsafe fn cpio_commands(argc: i32, argv: *const *const c_char) -> bool;
unsafe fn verify_boot_image(img: &BootImage, cert: *const c_char) -> bool;
@@ -70,5 +81,5 @@ pub mod ffi {
#[inline(always)]
pub(crate) fn check_env(env: &str) -> bool {
env::var(env).map_or(false, |var| var == "true")
env::var(env).is_ok_and(|var| var == "true")
}

4
native/src/boot/main.cpp
View File

@@ -217,8 +217,8 @@ int main(int argc, char *argv[]) {
} else if (argc > 2 && action == "extract") {
return rust::extract_boot_from_payload(
argv[2],
argc > 3 ? argv[3] : nullptr,
argc > 4 ? argv[4] : nullptr
argc > 3 ? argv[3] : "",
argc > 4 ? argv[4] : ""
) ? 0 : 1;
} else {
usage(argv[0]);

33
native/src/boot/patch.rs
View File

@@ -63,15 +63,17 @@ fn remove_pattern(buf: &mut [u8], pattern_matcher: unsafe fn(&[u8]) -> Option<us
pub fn patch_verity(buf: &mut [u8]) -> usize {
unsafe fn match_verity_pattern(buf: &[u8]) -> Option<usize> {
match_patterns!(
buf,
b"verifyatboot",
b"verify",
b"avb_keys",
b"avb",
b"support_scfs",
b"fsverity"
)
unsafe {
match_patterns!(
buf,
b"verifyatboot",
b"verify",
b"avb_keys",
b"avb",
b"support_scfs",
b"fsverity"
)
}
}
remove_pattern(buf, match_verity_pattern)
@@ -79,7 +81,7 @@ pub fn patch_verity(buf: &mut [u8]) -> usize {
pub fn patch_encryption(buf: &mut [u8]) -> usize {
unsafe fn match_encryption_pattern(buf: &[u8]) -> Option<usize> {
match_patterns!(buf, b"forceencrypt", b"forcefdeorfbe", b"fileencryption")
unsafe { match_patterns!(buf, b"forceencrypt", b"forcefdeorfbe", b"fileencryption") }
}
remove_pattern(buf, match_encryption_pattern)
@@ -95,13 +97,13 @@ fn hex2byte(hex: &[u8]) -> Vec<u8> {
let low = bytes[1].to_ascii_uppercase() - b'0';
let h = if high > 9 { high - 7 } else { high };
let l = if low > 9 { low - 7 } else { low };
v.push(h << 4 | l);
v.push((h << 4) | l);
}
v
}
pub fn hexpatch(file: &[u8], from: &[u8], to: &[u8]) -> bool {
fn inner(file: &[u8], from: &[u8], to: &[u8]) -> LoggedResult<bool> {
let res: LoggedResult<bool> = try {
let file = Utf8CStr::from_bytes(file)?;
let from = Utf8CStr::from_bytes(from)?;
let to = Utf8CStr::from_bytes(to)?;
@@ -114,8 +116,7 @@ pub fn hexpatch(file: &[u8], from: &[u8], to: &[u8]) -> bool {
for off in &v {
eprintln!("Patch @ {:#010X} [{}] -> [{}]", off, from, to);
}
Ok(!v.is_empty())
}
inner(file, from, to).unwrap_or(false)
!v.is_empty()
};
res.unwrap_or(false)
}

59
native/src/boot/payload.rs
View File

@@ -1,17 +1,19 @@
use std::fs::File;
use std::io::{BufReader, Read, Seek, SeekFrom, Write};
use std::os::fd::{AsRawFd, FromRawFd};
use std::{
fs::File,
io::{BufReader, Read, Seek, SeekFrom, Write},
os::fd::{AsRawFd, FromRawFd},
};
use byteorder::{BigEndian, ReadBytesExt};
use quick_protobuf::{BytesReader, MessageRead};
use base::libc::c_char;
use base::{error, LoggedError, LoggedResult, ReadSeekExt, StrErr, Utf8CStr};
use base::{ResultExt, WriteExt};
use crate::ffi;
use crate::proto::update_metadata::mod_InstallOperation::Type;
use crate::proto::update_metadata::DeltaArchiveManifest;
use crate::{
ffi,
proto::update_metadata::{DeltaArchiveManifest, mod_InstallOperation::Type},
};
use base::{
LoggedError, LoggedResult, ReadSeekExt, ResultExt, Utf8CStr, WriteExt, error, ffi::Utf8CStrRef,
};
macro_rules! bad_payload {
($msg:literal) => {{
@@ -178,28 +180,23 @@ fn do_extract_boot_from_payload(
}
pub fn extract_boot_from_payload(
in_path: *const c_char,
partition: *const c_char,
out_path: *const c_char,
in_path: Utf8CStrRef,
partition: Utf8CStrRef,
out_path: Utf8CStrRef,
) -> bool {
fn inner(
in_path: *const c_char,
partition: *const c_char,
out_path: *const c_char,
) -> LoggedResult<()> {
let in_path = unsafe { Utf8CStr::from_ptr(in_path) }?;
let partition = match unsafe { Utf8CStr::from_ptr(partition) } {
Ok(s) => Some(s),
Err(StrErr::NullPointerError) => None,
Err(e) => Err(e)?,
let res: LoggedResult<()> = try {
let partition = if partition.is_empty() {
None
} else {
Some(partition)
};
let out_path = match unsafe { Utf8CStr::from_ptr(out_path) } {
Ok(s) => Some(s),
Err(StrErr::NullPointerError) => None,
Err(e) => Err(e)?,
let out_path = if out_path.is_empty() {
None
} else {
Some(out_path)
};
do_extract_boot_from_payload(in_path, partition, out_path)
.log_with_msg(|w| w.write_str("Failed to extract from payload"))
}
inner(in_path, partition, out_path).is_ok()
do_extract_boot_from_payload(in_path, partition, out_path)?
};
res.log_with_msg(|w| w.write_str("Failed to extract from payload"))
.is_ok()
}

70
native/src/boot/sign.rs
View File

@@ -15,18 +15,18 @@ use rsa::pkcs1v15::{
Signature as RsaSignature, SigningKey as RsaSigningKey, VerifyingKey as RsaVerifyingKey,
};
use rsa::pkcs8::SubjectPublicKeyInfoRef;
use rsa::signature::hazmat::{PrehashSigner, PrehashVerifier};
use rsa::signature::SignatureEncoding;
use rsa::signature::hazmat::{PrehashSigner, PrehashVerifier};
use rsa::{RsaPrivateKey, RsaPublicKey};
use sha1::Sha1;
use sha2::{Sha256, Sha384, Sha512};
use x509_cert::der::asn1::{OctetString, PrintableString};
use x509_cert::der::Any;
use x509_cert::spki::AlgorithmIdentifier;
use x509_cert::Certificate;
use x509_cert::der::Any;
use x509_cert::der::asn1::{OctetString, PrintableString};
use x509_cert::spki::AlgorithmIdentifier;
use base::libc::c_char;
use base::{log_err, LoggedResult, MappedFile, ResultExt, StrErr, Utf8CStr};
use base::{LoggedResult, MappedFile, ResultExt, StrErr, Utf8CStr, log_err};
use crate::ffi::BootImage;
@@ -157,20 +157,32 @@ struct Signer {
impl Signer {
fn from_private_key(key: &[u8]) -> LoggedResult<Signer> {
let digest: Box<dyn DynDigest>;
let key = if let Ok(rsa) = RsaPrivateKey::from_pkcs8_der(key) {
digest = Box::<Sha256>::default();
SigningKey::SHA256withRSA(RsaSigningKey::<Sha256>::new(rsa))
} else if let Ok(ec) = P256SigningKey::from_pkcs8_der(key) {
digest = Box::<Sha256>::default();
SigningKey::SHA256withECDSA(ec)
} else if let Ok(ec) = P384SigningKey::from_pkcs8_der(key) {
digest = Box::<Sha384>::default();
SigningKey::SHA384withECDSA(ec)
} else if let Ok(ec) = P521SigningKey::from_pkcs8_der(key) {
digest = Box::<Sha512>::default();
SigningKey::SHA521withECDSA(ec)
} else {
return Err(log_err!("Unsupported private key"));
let key = match RsaPrivateKey::from_pkcs8_der(key) {
Ok(rsa) => {
digest = Box::<Sha256>::default();
SigningKey::SHA256withRSA(RsaSigningKey::<Sha256>::new(rsa))
}
_ => match P256SigningKey::from_pkcs8_der(key) {
Ok(ec) => {
digest = Box::<Sha256>::default();
SigningKey::SHA256withECDSA(ec)
}
_ => match P384SigningKey::from_pkcs8_der(key) {
Ok(ec) => {
digest = Box::<Sha384>::default();
SigningKey::SHA384withECDSA(ec)
}
_ => match P521SigningKey::from_pkcs8_der(key) {
Ok(ec) => {
digest = Box::<Sha512>::default();
SigningKey::SHA521withECDSA(ec)
}
_ => {
return Err(log_err!("Unsupported private key"));
}
},
},
},
};
Ok(Signer { digest, key })
}
@@ -254,7 +266,7 @@ impl BootSignature {
}
pub fn verify_boot_image(img: &BootImage, cert: *const c_char) -> bool {
fn inner(img: &BootImage, cert: *const c_char) -> LoggedResult<()> {
let res: LoggedResult<()> = try {
let tail = img.tail();
// Don't use BootSignature::from_der because tail might have trailing zeros
let mut reader = SliceReader::new(tail)?;
@@ -268,9 +280,8 @@ pub fn verify_boot_image(img: &BootImage, cert: *const c_char) -> bool {
Err(e) => Err(e)?,
};
sig.verify(img.payload())?;
Ok(())
}
inner(img, cert).is_ok()
};
res.is_ok()
}
enum Bytes {
@@ -296,12 +307,7 @@ pub fn sign_boot_image(
cert: *const c_char,
key: *const c_char,
) -> Vec<u8> {
fn inner(
payload: &[u8],
name: *const c_char,
cert: *const c_char,
key: *const c_char,
) -> LoggedResult<Vec<u8>> {
let res: LoggedResult<Vec<u8>> = try {
// Process arguments
let name = unsafe { Utf8CStr::from_ptr(name) }?;
let cert = match unsafe { Utf8CStr::from_ptr(cert) } {
@@ -337,7 +343,7 @@ pub fn sign_boot_image(
authenticated_attributes: attr,
signature: OctetString::new(sig)?,
};
sig.to_der().log()
}
inner(payload, name, cert, key).unwrap_or_default()
sig.to_der()?
};
res.unwrap_or_default()
}

5
native/src/core/Cargo.toml
View File

@@ -1,7 +1,7 @@
[package]
name = "magisk"
version = "0.0.0"
edition = "2021"
version.workspace = true
edition.workspace = true
[lib]
crate-type = ["staticlib"]
@@ -17,6 +17,7 @@ pb-rs = { workspace = true }
[dependencies]
base = { path = "../base", features = ["selinux"] }
derive = { path = "derive" }
cxx = { workspace = true }
num-traits = { workspace = true }
num-derive = { workspace = true }

1
native/src/core/applet_stub.cpp
View File

@@ -1,7 +1,6 @@
#include <sys/stat.h>
#include <consts.hpp>
#include <selinux.hpp>
#include <base.hpp>
int main(int argc, char *argv[]) {

1
native/src/core/applets.cpp
View File

@@ -3,7 +3,6 @@
#include <sys/stat.h>
#include <consts.hpp>
#include <selinux.hpp>
#include <base.hpp>
using namespace std;

211
native/src/core/bootstages.cpp
View File

@@ -1,211 +0,0 @@
#include <sys/mount.h>
#include <sys/wait.h>
#include <sys/sysmacros.h>
#include <linux/input.h>
#include <libgen.h>
#include <set>
#include <string>
#include <consts.hpp>
#include <base.hpp>
#include <core.hpp>
#include <selinux.hpp>
using namespace std;
bool zygisk_enabled = false;
/*********
* Setup *
*********/
static bool magisk_env() {
char buf[4096];
LOGI("* Initializing Magisk environment\n");
ssprintf(buf, sizeof(buf), "%s/0/%s/install", APP_DATA_DIR, JAVA_PACKAGE_NAME);
// Alternative binaries paths
const char *alt_bin[] = { "/cache/data_adb/magisk", "/data/magisk", buf };
for (auto alt : alt_bin) {
if (access(alt, F_OK) == 0) {
rm_rf(DATABIN);
cp_afc(alt, DATABIN);
rm_rf(alt);
}
}
rm_rf("/cache/data_adb");
// Directories in /data/adb
chmod(SECURE_DIR, 0700);
xmkdir(DATABIN, 0755);
xmkdir(MODULEROOT, 0755);
xmkdir(SECURE_DIR "/post-fs-data.d", 0755);
xmkdir(SECURE_DIR "/service.d", 0755);
restorecon();
if (access(DATABIN "/busybox", X_OK))
return false;
ssprintf(buf, sizeof(buf), "%s/" BBPATH "/busybox", get_magisk_tmp());
mkdir(dirname(buf), 0755);
cp_afc(DATABIN "/busybox", buf);
exec_command_async(buf, "--install", "-s", dirname(buf));
// magisk32 and magiskpolicy are not installed into ramdisk and has to be copied
// from data to magisk tmp
if (access(DATABIN "/magisk32", X_OK) == 0) {
ssprintf(buf, sizeof(buf), "%s/magisk32", get_magisk_tmp());
cp_afc(DATABIN "/magisk32", buf);
}
if (access(DATABIN "/magiskpolicy", X_OK) == 0) {
ssprintf(buf, sizeof(buf), "%s/magiskpolicy", get_magisk_tmp());
cp_afc(DATABIN "/magiskpolicy", buf);
}
return true;
}
void unlock_blocks() {
int fd, dev, OFF = 0;
auto dir = xopen_dir("/dev/block");
if (!dir)
return;
dev = dirfd(dir.get());
for (dirent *entry; (entry = readdir(dir.get()));) {
if (entry->d_type == DT_BLK) {
if ((fd = openat(dev, entry->d_name, O_RDONLY | O_CLOEXEC)) < 0)
continue;
if (ioctl(fd, BLKROSET, &OFF) < 0)
PLOGE("unlock %s", entry->d_name);
close(fd);
}
}
}
#define test_bit(bit, array) (array[bit / 8] & (1 << (bit % 8)))
static bool check_key_combo() {
uint8_t bitmask[(KEY_MAX + 1) / 8];
vector<int> events;
constexpr char name[] = "/dev/.ev";
// First collect candidate events that accepts volume down
for (int minor = 64; minor < 96; ++minor) {
if (xmknod(name, S_IFCHR | 0444, makedev(13, minor)))
continue;
int fd = open(name, O_RDONLY | O_CLOEXEC);
unlink(name);
if (fd < 0)
continue;
memset(bitmask, 0, sizeof(bitmask));
ioctl(fd, EVIOCGBIT(EV_KEY, sizeof(bitmask)), bitmask);
if (test_bit(KEY_VOLUMEDOWN, bitmask))
events.push_back(fd);
else
close(fd);
}
if (events.empty())
return false;
run_finally fin([&]{ std::for_each(events.begin(), events.end(), close); });
// Check if volume down key is held continuously for more than 3 seconds
for (int i = 0; i < 300; ++i) {
bool pressed = false;
for (const int &fd : events) {
memset(bitmask, 0, sizeof(bitmask));
ioctl(fd, EVIOCGKEY(sizeof(bitmask)), bitmask);
if (test_bit(KEY_VOLUMEDOWN, bitmask)) {
pressed = true;
break;
}
}
if (!pressed)
return false;
// Check every 10ms
usleep(10000);
}
LOGD("KEY_VOLUMEDOWN detected: enter safe mode\n");
return true;
}
/***********************
* Boot Stage Handlers *
***********************/
bool MagiskD::post_fs_data() const noexcept {
setup_logfile();
LOGI("** post-fs-data mode running\n");
preserve_stub_apk();
if (access(SECURE_DIR, F_OK) != 0) {
if (SDK_INT < 24) {
xmkdir(SECURE_DIR, 0700);
} else {
LOGE(SECURE_DIR " is not present, abort\n");
return true;
}
}
prune_su_access();
if (!magisk_env()) {
LOGE("* Magisk environment incomplete, abort\n");
return true;
}
// Check safe mode
int bootloop_cnt = get_db_setting(DbEntryKey::BootloopCount);
// Increment the boot counter
set_db_setting(DbEntryKey::BootloopCount, bootloop_cnt + 1);
bool safe_mode = bootloop_cnt >= 2 || get_prop("persist.sys.safemode", true) == "1" ||
get_prop("ro.sys.safemode") == "1" || check_key_combo();
if (safe_mode) {
LOGI("* Safe mode triggered\n");
// Disable all modules and zygisk so next boot will be clean
disable_modules();
set_db_setting(DbEntryKey::ZygiskConfig, false);
return true;
}
exec_common_scripts("post-fs-data");
zygisk_enabled = get_db_setting(DbEntryKey::ZygiskConfig);
initialize_denylist();
setup_mounts();
handle_modules();
load_modules();
return false;
}
void MagiskD::late_start() const noexcept {
setup_logfile();
LOGI("** late_start service mode running\n");
exec_common_scripts("service");
exec_module_scripts("service");
}
void MagiskD::boot_complete() const noexcept {
setup_logfile();
LOGI("** boot-complete triggered\n");
// Reset the bootloop counter once we have boot-complete
set_db_setting(DbEntryKey::BootloopCount, 0);
// At this point it's safe to create the folder
if (access(SECURE_DIR, F_OK) != 0)
xmkdir(SECURE_DIR, 0700);
// Ensure manager exists
get_manager(0, nullptr, true);
reset_zygisk(true);
}

8
native/src/core/build.rs
View File

@@ -1,9 +1,9 @@
use pb_rs::{types::FileDescriptor, ConfigBuilder};
use pb_rs::{ConfigBuilder, types::FileDescriptor};
use crate::gen::gen_cxx_binding;
use crate::codegen::gen_cxx_binding;
#[path = "../include/gen.rs"]
mod gen;
#[path = "../include/codegen.rs"]
mod codegen;
fn main() {
println!("cargo:rerun-if-changed=resetprop/proto/persistent_properties.proto");

223
native/src/core/daemon.cpp
View File

@@ -2,11 +2,12 @@
#include <libgen.h>
#include <sys/un.h>
#include <sys/mount.h>
#include <sys/sysmacros.h>
#include <linux/input.h>
#include <consts.hpp>
#include <base.hpp>
#include <core.hpp>
#include <selinux.hpp>
#include <flags.h>
using namespace std;
@@ -127,30 +128,57 @@ static void poll_ctrl_handler(pollfd *pfd) {
}
}
void MagiskD::reboot() const noexcept {
if (is_recovery())
exec_command_sync("/system/bin/reboot", "recovery");
else
exec_command_sync("/system/bin/reboot");
bool get_client_cred(int fd, sock_cred *cred) {
socklen_t len = sizeof(ucred);
if (getsockopt(fd, SOL_SOCKET, SO_PEERCRED, cred, &len) != 0)
return false;
char buf[4096];
len = sizeof(buf);
if (getsockopt(fd, SOL_SOCKET, SO_PEERSEC, buf, &len) != 0)
len = 0;
buf[len] = '\0';
cred->context = buf;
return true;
}
bool read_string(int fd, std::string &str) {
str.clear();
int len = read_int(fd);
str.resize(len);
return xxread(fd, str.data(), len) == len;
}
string read_string(int fd) {
string str;
read_string(fd, str);
return str;
}
void write_string(int fd, string_view str) {
if (fd < 0) return;
write_int(fd, str.size());
xwrite(fd, str.data(), str.size());
}
static void handle_request_async(int client, int code, const sock_cred &cred) {
auto &daemon = MagiskD::Get();
switch (code) {
case +RequestCode::DENYLIST:
denylist_handler(client, &cred);
break;
case +RequestCode::SUPERUSER:
su_daemon_handler(client, &cred);
daemon.su_daemon_handler(client, cred);
break;
case +RequestCode::ZYGOTE_RESTART:
case +RequestCode::ZYGOTE_RESTART: {
LOGI("** zygote restarted\n");
MagiskD().prune_su_access();
daemon.prune_su_access();
scan_deny_apps();
reset_zygisk(false);
daemon.zygisk_reset(false);
close(client);
break;
}
case +RequestCode::SQLITE_CMD:
MagiskD().db_exec(client);
daemon.db_exec(client);
break;
case +RequestCode::REMOVE_MODULES: {
int do_reboot = read_int(client);
@@ -158,12 +186,12 @@ static void handle_request_async(int client, int code, const sock_cred &cred) {
write_int(client, 0);
close(client);
if (do_reboot) {
MagiskD().reboot();
daemon.reboot();
}
break;
}
case +RequestCode::ZYGISK:
zygisk_handler(client, &cred);
daemon.zygisk_handler(client);
break;
default:
__builtin_unreachable();
@@ -285,24 +313,11 @@ static void handle_request(pollfd *pfd) {
exec_task([=, fd = client.release()] { handle_request_async(fd, code, cred); });
} else {
exec_task([=, fd = client.release()] {
MagiskD().boot_stage_handler(fd, code);
MagiskD::Get().boot_stage_handler(fd, code);
});
}
}
static void switch_cgroup(const char *cgroup, int pid) {
char buf[32];
ssprintf(buf, sizeof(buf), "%s/cgroup.procs", cgroup);
if (access(buf, F_OK) != 0)
return;
int fd = xopen(buf, O_WRONLY | O_APPEND | O_CLOEXEC);
if (fd == -1)
return;
ssprintf(buf, sizeof(buf), "%d\n", pid);
xwrite(fd, buf, strlen(buf));
close(fd);
}
static void daemon_entry() {
android_logging();
@@ -324,51 +339,15 @@ static void daemon_entry() {
if (fd > STDERR_FILENO)
close(fd);
setsid();
setcon(MAGISK_PROC_CON);
rust::daemon_entry();
SDK_INT = MagiskD().sdk_int();
// Escape from cgroup
int pid = getpid();
switch_cgroup("/acct", pid);
switch_cgroup("/dev/cg2_bpf", pid);
switch_cgroup("/sys/fs/cgroup", pid);
if (get_prop("ro.config.per_app_memcg") != "false") {
switch_cgroup("/dev/memcg/apps", pid);
}
SDK_INT = MagiskD::Get().sdk_int();
// Get self stat
xstat("/proc/self/exe", &self_st);
// Samsung workaround #7887
if (access("/system_ext/app/mediatek-res/mediatek-res.apk", F_OK) == 0) {
set_prop("ro.vendor.mtk_model", "0");
}
restore_tmpcon();
// Cleanups
const char *tmp = get_magisk_tmp();
char path[64];
ssprintf(path, sizeof(path), "%s/" ROOTMNT, tmp);
if (access(path, F_OK) == 0) {
file_readline(true, path, [](string_view line) -> bool {
umount2(line.data(), MNT_DETACH);
return true;
});
}
if (getenv("REMOUNT_ROOT")) {
xmount(nullptr, "/", nullptr, MS_REMOUNT | MS_RDONLY, nullptr);
unsetenv("REMOUNT_ROOT");
}
ssprintf(path, sizeof(path), "%s/" ROOTOVL, tmp);
rm_rf(path);
fd = xsocket(AF_LOCAL, SOCK_STREAM | SOCK_CLOEXEC, 0);
sockaddr_un addr = {.sun_family = AF_LOCAL};
ssprintf(addr.sun_path, sizeof(addr.sun_path), "%s/" MAIN_SOCKET, tmp);
ssprintf(addr.sun_path, sizeof(addr.sun_path), "%s/" MAIN_SOCKET, get_magisk_tmp());
unlink(addr.sun_path);
if (xbind(fd, (sockaddr *) &addr, sizeof(addr)))
exit(1);
@@ -378,7 +357,6 @@ static void daemon_entry() {
default_new(poll_map);
default_new(poll_fds);
default_new(module_list);
// Register handler for main socket
pollfd main_socket_pfd = { fd, POLLIN, 0 };
@@ -455,3 +433,116 @@ int connect_daemon(int req, bool create) {
}
return fd;
}
bool setup_magisk_env() {
char buf[4096];
LOGI("* Initializing Magisk environment\n");
ssprintf(buf, sizeof(buf), "%s/0/%s/install", APP_DATA_DIR, JAVA_PACKAGE_NAME);
// Alternative binaries paths
const char *alt_bin[] = { "/cache/data_adb/magisk", "/data/magisk", buf };
for (auto alt : alt_bin) {
if (access(alt, F_OK) == 0) {
rm_rf(DATABIN);
cp_afc(alt, DATABIN);
rm_rf(alt);
}
}
rm_rf("/cache/data_adb");
// Directories in /data/adb
chmod(SECURE_DIR, 0700);
xmkdir(DATABIN, 0755);
xmkdir(MODULEROOT, 0755);
xmkdir(SECURE_DIR "/post-fs-data.d", 0755);
xmkdir(SECURE_DIR "/service.d", 0755);
restorecon();
if (access(DATABIN "/busybox", X_OK))
return false;
ssprintf(buf, sizeof(buf), "%s/" BBPATH "/busybox", get_magisk_tmp());
mkdir(dirname(buf), 0755);
cp_afc(DATABIN "/busybox", buf);
exec_command_async(buf, "--install", "-s", dirname(buf));
// magisk32 and magiskpolicy are not installed into ramdisk and has to be copied
// from data to magisk tmp
if (access(DATABIN "/magisk32", X_OK) == 0) {
ssprintf(buf, sizeof(buf), "%s/magisk32", get_magisk_tmp());
cp_afc(DATABIN "/magisk32", buf);
}
if (access(DATABIN "/magiskpolicy", X_OK) == 0) {
ssprintf(buf, sizeof(buf), "%s/magiskpolicy", get_magisk_tmp());
cp_afc(DATABIN "/magiskpolicy", buf);
}
return true;
}
void unlock_blocks() {
int fd, dev, OFF = 0;
auto dir = xopen_dir("/dev/block");
if (!dir)
return;
dev = dirfd(dir.get());
for (dirent *entry; (entry = readdir(dir.get()));) {
if (entry->d_type == DT_BLK) {
if ((fd = openat(dev, entry->d_name, O_RDONLY | O_CLOEXEC)) < 0)
continue;
if (ioctl(fd, BLKROSET, &OFF) < 0)
PLOGE("unlock %s", entry->d_name);
close(fd);
}
}
}
#define test_bit(bit, array) (array[bit / 8] & (1 << (bit % 8)))
bool check_key_combo() {
uint8_t bitmask[(KEY_MAX + 1) / 8];
vector<int> events;
constexpr char name[] = "/dev/.ev";
// First collect candidate events that accepts volume down
for (int minor = 64; minor < 96; ++minor) {
if (xmknod(name, S_IFCHR | 0444, makedev(13, minor)))
continue;
int fd = open(name, O_RDONLY | O_CLOEXEC);
unlink(name);
if (fd < 0)
continue;
memset(bitmask, 0, sizeof(bitmask));
ioctl(fd, EVIOCGBIT(EV_KEY, sizeof(bitmask)), bitmask);
if (test_bit(KEY_VOLUMEDOWN, bitmask))
events.push_back(fd);
else
close(fd);
}
if (events.empty())
return false;
run_finally fin([&]{ std::for_each(events.begin(), events.end(), close); });
// Check if volume down key is held continuously for more than 3 seconds
for (int i = 0; i < 300; ++i) {
bool pressed = false;
for (const int &fd : events) {
memset(bitmask, 0, sizeof(bitmask));
ioctl(fd, EVIOCGKEY(sizeof(bitmask)), bitmask);
if (test_bit(KEY_VOLUMEDOWN, bitmask)) {
pressed = true;
break;
}
}
if (!pressed)
return false;
// Check every 10ms
usleep(10000);
}
LOGD("KEY_VOLUMEDOWN detected: enter safe mode\n");
return true;
}

290
native/src/core/daemon.rs
View File

@@ -1,19 +1,24 @@
use crate::consts::{MAGISK_FULL_VER, MAIN_CONFIG};
use crate::consts::{MAGISK_FULL_VER, MAGISK_PROC_CON, MAIN_CONFIG, ROOTMNT, ROOTOVL, SECURE_DIR};
use crate::db::Sqlite3;
use crate::ffi::{get_magisk_tmp, RequestCode};
use crate::get_prop;
use crate::logging::{magisk_logging, start_log_daemon};
use crate::package::ManagerInfo;
use base::libc::{O_CLOEXEC, O_RDONLY};
use base::{
cstr, info, libc, open_fd, BufReadExt, Directory, FsPath, FsPathBuf, LoggedResult, ReadExt,
Utf8CStr, Utf8CStrBufArr,
use crate::ffi::{
DbEntryKey, ModuleInfo, RequestCode, check_key_combo, disable_modules, exec_common_scripts,
exec_module_scripts, get_magisk_tmp, initialize_denylist, setup_magisk_env,
};
use bit_set::BitSet;
use bytemuck::bytes_of;
use std::fs::File;
use std::io;
use std::io::{BufReader, Read, Write};
use crate::logging::{magisk_logging, setup_logfile, start_log_daemon};
use crate::mount::{clean_mounts, setup_mounts};
use crate::package::ManagerInfo;
use crate::selinux::restore_tmpcon;
use crate::su::SuInfo;
use crate::{get_prop, set_prop};
use base::libc::{O_APPEND, O_CLOEXEC, O_RDONLY, O_WRONLY};
use base::{
AtomicArc, BufReadExt, FsPathBuilder, ResultExt, Utf8CStr, Utf8CStrBuf, cstr, error, info, libc,
};
use std::fmt::Write as FmtWrite;
use std::io::{BufReader, Write};
use std::os::unix::net::UnixStream;
use std::process::Command;
use std::sync::atomic::{AtomicBool, AtomicU32, Ordering};
use std::sync::{Mutex, OnceLock};
// Global magiskd singleton
@@ -60,14 +65,23 @@ pub struct MagiskD {
pub sql_connection: Mutex<Option<Sqlite3>>,
pub manager_info: Mutex<ManagerInfo>,
boot_stage_lock: Mutex<BootStateFlags>,
pub module_list: OnceLock<Vec<ModuleInfo>>,
pub zygiskd_sockets: Mutex<(Option<UnixStream>, Option<UnixStream>)>,
pub zygisk_enabled: AtomicBool,
pub zygote_start_count: AtomicU32,
pub cached_su_info: AtomicArc<SuInfo>,
sdk_int: i32,
pub is_emulator: bool,
is_recovery: bool,
}
impl MagiskD {
pub fn is_recovery(&self) -> bool {
self.is_recovery
pub fn get() -> &'static MagiskD {
unsafe { MAGISKD.get().unwrap_unchecked() }
}
pub fn zygisk_enabled(&self) -> bool {
self.zygisk_enabled.load(Ordering::Acquire)
}
pub fn sdk_int(&self) -> i32 {
@@ -82,39 +96,87 @@ impl MagiskD {
}
}
// app_id = app_no + AID_APP_START
// app_no range: [0, 9999]
pub fn get_app_no_list(&self) -> BitSet {
let mut list = BitSet::new();
let _: LoggedResult<()> = try {
let mut app_data_dir = Directory::open(self.app_data_dir())?;
// For each user
loop {
let entry = match app_data_dir.read()? {
None => break,
Some(e) => e,
};
let mut user_dir = match entry.open_as_dir() {
Err(_) => continue,
Ok(dir) => dir,
};
// For each package
loop {
match user_dir.read()? {
None => break,
Some(e) => {
let attr = e.get_attr()?;
let app_id = to_app_id(attr.st.st_uid as i32);
if (AID_APP_START..=AID_APP_END).contains(&app_id) {
let app_no = app_id - AID_APP_START;
list.insert(app_no as usize);
}
}
}
}
fn post_fs_data(&self) -> bool {
setup_logfile();
info!("** post-fs-data mode running");
self.preserve_stub_apk();
// Check secure dir
let secure_dir = cstr!(SECURE_DIR);
if !secure_dir.exists() {
if self.sdk_int < 24 {
secure_dir.mkdir(0o700).log_ok();
} else {
error!("* {} is not present, abort", SECURE_DIR);
return true;
}
};
list
}
self.prune_su_access();
if !setup_magisk_env() {
error!("* Magisk environment incomplete, abort");
return true;
}
// Check safe mode
let boot_cnt = self.get_db_setting(DbEntryKey::BootloopCount);
self.set_db_setting(DbEntryKey::BootloopCount, boot_cnt + 1)
.log()
.ok();
let safe_mode = boot_cnt >= 2
|| get_prop(cstr!("persist.sys.safemode"), true) == "1"
|| get_prop(cstr!("ro.sys.safemode"), false) == "1"
|| check_key_combo();
if safe_mode {
info!("* Safe mode triggered");
// Disable all modules and zygisk so next boot will be clean
disable_modules();
self.set_db_setting(DbEntryKey::ZygiskConfig, 0).log_ok();
return true;
}
exec_common_scripts(cstr!("post-fs-data"));
self.zygisk_enabled.store(
self.get_db_setting(DbEntryKey::ZygiskConfig) != 0,
Ordering::Release,
);
initialize_denylist();
setup_mounts();
let modules = self.handle_modules();
self.module_list.set(modules).ok();
clean_mounts();
false
}
fn late_start(&self) {
setup_logfile();
info!("** late_start service mode running");
exec_common_scripts(cstr!("service"));
if let Some(module_list) = self.module_list.get() {
exec_module_scripts(cstr!("service"), module_list);
}
}
fn boot_complete(&self) {
setup_logfile();
info!("** boot-complete triggered");
// Reset the bootloop counter once we have boot-complete
self.set_db_setting(DbEntryKey::BootloopCount, 0).log_ok();
// At this point it's safe to create the folder
let secure_dir = cstr!(SECURE_DIR);
if !secure_dir.exists() {
secure_dir.mkdir(0o700).log_ok();
}
self.ensure_manager();
self.zygisk_reset(true)
}
pub fn boot_stage_handler(&self, client: i32, code: i32) {
@@ -152,9 +214,26 @@ impl MagiskD {
}
}
}
pub fn reboot(&self) {
if self.is_recovery {
Command::new("/system/bin/reboot").arg("recovery").status()
} else {
Command::new("/system/bin/reboot").status()
}
.ok();
}
}
pub fn daemon_entry() {
unsafe { libc::setsid() };
// Make sure the current context is magisk
if let Ok(mut current) = cstr!("/proc/self/attr/current").open(O_WRONLY | O_CLOEXEC) {
let con = cstr!(MAGISK_PROC_CON);
current.write_all(con.as_bytes_with_nul()).log_ok();
}
start_log_daemon();
magisk_logging();
info!("Magisk {} daemon started", MAGISK_FULL_VER);
@@ -164,14 +243,13 @@ pub fn daemon_entry() {
|| get_prop(cstr!("ro.product.device"), false).contains("vsoc");
// Load config status
let mut buf = Utf8CStrBufArr::<64>::new();
let path = FsPathBuf::new(&mut buf)
.join(get_magisk_tmp())
.join(MAIN_CONFIG);
let magisk_tmp = get_magisk_tmp();
let mut tmp_path = cstr::buf::new::<64>()
.join_path(magisk_tmp)
.join_path(MAIN_CONFIG);
let mut is_recovery = false;
if let Ok(file) = path.open(O_RDONLY | O_CLOEXEC) {
let mut file = BufReader::new(file);
file.foreach_props(|key, val| {
if let Ok(main_config) = tmp_path.open(O_RDONLY | O_CLOEXEC) {
BufReader::new(main_config).foreach_props(|key, val| {
if key == "RECOVERYMODE" {
is_recovery = val == "true";
return false;
@@ -179,11 +257,11 @@ pub fn daemon_entry() {
true
});
}
tmp_path.truncate(magisk_tmp.len());
let mut sdk_int = -1;
if let Ok(file) = FsPath::from(cstr!("/system/build.prop")).open(O_RDONLY | O_CLOEXEC) {
let mut file = BufReader::new(file);
file.foreach_props(|key, val| {
if let Ok(build_prop) = cstr!("/system/build.prop").open(O_RDONLY | O_CLOEXEC) {
BufReader::new(build_prop).foreach_props(|key, val| {
if key == "ro.build.version.sdk" {
sdk_int = val.parse::<i32>().unwrap_or(-1);
return false;
@@ -199,18 +277,70 @@ pub fn daemon_entry() {
}
info!("* Device API level: {}", sdk_int);
restore_tmpcon().log_ok();
// Escape from cgroup
let pid = unsafe { libc::getpid() };
switch_cgroup("/acct", pid);
switch_cgroup("/dev/cg2_bpf", pid);
switch_cgroup("/sys/fs/cgroup", pid);
if get_prop(cstr!("ro.config.per_app_memcg"), false) != "false" {
switch_cgroup("/dev/memcg/apps", pid);
}
// Samsung workaround #7887
if cstr!("/system_ext/app/mediatek-res/mediatek-res.apk").exists() {
set_prop(cstr!("ro.vendor.mtk_model"), cstr!("0"), false);
}
// Cleanup pre-init mounts
tmp_path.append_path(ROOTMNT);
if let Ok(mount_list) = tmp_path.open(O_RDONLY | O_CLOEXEC) {
BufReader::new(mount_list).foreach_lines(|line| {
let item = Utf8CStr::from_string(line);
item.unmount().log_ok();
true
})
}
tmp_path.truncate(magisk_tmp.len());
// Remount rootfs as read-only if requested
if std::env::var_os("REMOUNT_ROOT").is_some() {
cstr!("/").remount_mount_flags(libc::MS_RDONLY).log_ok();
unsafe { std::env::remove_var("REMOUNT_ROOT") };
}
// Remove all pre-init overlay files to free-up memory
tmp_path.append_path(ROOTOVL);
tmp_path.remove_all().log_ok();
tmp_path.truncate(magisk_tmp.len());
let magiskd = MagiskD {
sdk_int,
is_emulator,
is_recovery,
zygote_start_count: AtomicU32::new(1),
..Default::default()
};
MAGISKD.set(magiskd).ok();
}
fn switch_cgroup(cgroup: &str, pid: i32) {
let mut buf = cstr::buf::new::<64>()
.join_path(cgroup)
.join_path("cgroup.procs");
if !buf.exists() {
return;
}
if let Ok(mut file) = buf.open(O_WRONLY | O_APPEND | O_CLOEXEC) {
buf.clear();
buf.write_fmt(format_args!("{}", pid)).ok();
file.write_all(buf.as_bytes()).log_ok();
}
}
fn check_data() -> bool {
if let Ok(fd) = open_fd!(cstr!("/proc/mounts"), O_RDONLY | O_CLOEXEC) {
let file = File::from(fd);
if let Ok(file) = cstr!("/proc/mounts").open(O_RDONLY | O_CLOEXEC) {
let mut mnt = false;
BufReader::new(file).foreach_lines(|line| {
if line.contains(" /data ") && !line.contains("tmpfs") {
@@ -238,43 +368,3 @@ fn check_data() -> bool {
}
false
}
pub fn get_magiskd() -> &'static MagiskD {
unsafe { MAGISKD.get().unwrap_unchecked() }
}
pub trait IpcRead {
fn ipc_read_int(&mut self) -> io::Result<i32>;
fn ipc_read_string(&mut self) -> io::Result<String>;
}
impl<T: Read> IpcRead for T {
fn ipc_read_int(&mut self) -> io::Result<i32> {
let mut val: i32 = 0;
self.read_pod(&mut val)?;
Ok(val)
}
fn ipc_read_string(&mut self) -> io::Result<String> {
let len = self.ipc_read_int()?;
let mut val = "".to_string();
self.take(len as u64).read_to_string(&mut val)?;
Ok(val)
}
}
pub trait IpcWrite {
fn ipc_write_int(&mut self, val: i32) -> io::Result<()>;
fn ipc_write_string(&mut self, val: &str) -> io::Result<()>;
}
impl<T: Write> IpcWrite for T {
fn ipc_write_int(&mut self, val: i32) -> io::Result<()> {
self.write_all(bytes_of(&val))
}
fn ipc_write_string(&mut self, val: &str) -> io::Result<()> {
self.ipc_write_int(val.len() as i32)?;
self.write_all(val.as_bytes())
}
}

130
native/src/core/db.rs
View File

@@ -1,10 +1,13 @@
#![allow(improper_ctypes, improper_ctypes_definitions)]
use crate::daemon::{IpcRead, IpcWrite, MagiskD, MAGISKD};
use crate::daemon::{MAGISKD, MagiskD};
use crate::ffi::{
open_and_init_db, sqlite3, sqlite3_errstr, DbEntryKey, DbSettings, DbStatement, DbValues,
MntNsMode, MultiuserMode, RootAccess,
DbEntryKey, DbStatement, DbValues, MntNsMode, open_and_init_db, sqlite3, sqlite3_errstr,
};
use crate::socket::{IpcRead, IpcWrite};
use DbArg::{Integer, Text};
use base::{LoggedResult, ResultExt, Utf8CStr};
use num_derive::FromPrimitive;
use num_traits::FromPrimitive;
use std::ffi::c_void;
use std::fs::File;
use std::io::{BufReader, BufWriter};
@@ -13,7 +16,6 @@ use std::pin::Pin;
use std::ptr;
use std::ptr::NonNull;
use thiserror::Error;
use DbArg::{Integer, Text};
fn sqlite_err_str(code: i32) -> &'static Utf8CStr {
// SAFETY: sqlite3 always returns UTF-8 strings
@@ -54,16 +56,33 @@ where
}
}
impl Default for RootAccess {
fn default() -> Self {
RootAccess::AppsAndAdb
}
#[derive(Default)]
pub struct DbSettings {
pub root_access: RootAccess,
pub multiuser_mode: MultiuserMode,
pub mnt_ns: MntNsMode,
pub boot_count: i32,
pub denylist: bool,
pub zygisk: bool,
}
impl Default for MultiuserMode {
fn default() -> Self {
MultiuserMode::OwnerOnly
}
#[repr(i32)]
#[derive(Default, FromPrimitive)]
pub enum RootAccess {
Disabled,
AppsOnly,
AdbOnly,
#[default]
AppsAndAdb,
}
#[repr(i32)]
#[derive(Default, FromPrimitive)]
pub enum MultiuserMode {
#[default]
OwnerOnly,
OwnerManaged,
User,
}
impl Default for MntNsMode {
@@ -72,10 +91,6 @@ impl Default for MntNsMode {
}
}
pub fn get_default_db_settings() -> DbSettings {
DbSettings::default()
}
impl DbEntryKey {
fn to_str(self) -> &'static str {
match self {
@@ -103,8 +118,10 @@ impl SqlTable for DbSettings {
}
}
match key {
"root_access" => self.root_access = RootAccess { repr: value },
"multiuser_mode" => self.multiuser_mode = MultiuserMode { repr: value },
"root_access" => self.root_access = RootAccess::from_i32(value).unwrap_or_default(),
"multiuser_mode" => {
self.multiuser_mode = MultiuserMode::from_i32(value).unwrap_or_default()
}
"mnt_ns" => self.mnt_ns = MntNsMode { repr: value },
"denylist" => self.denylist = value != 0,
"zygisk" => self.zygisk = value != 0,
@@ -121,7 +138,7 @@ unsafe impl Send for Sqlite3 {}
type SqlBindCallback = Option<unsafe extern "C" fn(*mut c_void, i32, Pin<&mut DbStatement>) -> i32>;
type SqlExecCallback = Option<unsafe extern "C" fn(*mut c_void, &[String], &DbValues)>;
extern "C" {
unsafe extern "C" {
fn sql_exec_impl(
db: *mut sqlite3,
sql: &str,
@@ -143,16 +160,18 @@ struct DbArgs<'a> {
}
unsafe extern "C" fn bind_arguments(v: *mut c_void, idx: i32, stmt: Pin<&mut DbStatement>) -> i32 {
let args = &mut *(v as *mut DbArgs<'_>);
if args.curr < args.args.len() {
let arg = &args.args[args.curr];
args.curr += 1;
match *arg {
Text(v) => stmt.bind_text(idx, v),
Integer(v) => stmt.bind_int64(idx, v),
unsafe {
let args = &mut *(v as *mut DbArgs<'_>);
if args.curr < args.args.len() {
let arg = &args.args[args.curr];
args.curr += 1;
match *arg {
Text(v) => stmt.bind_text(idx, v),
Integer(v) => stmt.bind_int64(idx, v),
}
} else {
0
}
} else {
0
}
}
@@ -161,8 +180,10 @@ unsafe extern "C" fn read_db_row<T: SqlTable>(
columns: &[String],
values: &DbValues,
) {
let table = &mut *(v as *mut T);
table.on_row(columns, values);
unsafe {
let table = &mut *(v as *mut T);
table.on_row(columns, values);
}
}
impl MagiskD {
@@ -172,10 +193,9 @@ impl MagiskD {
let raw_db = open_and_init_db();
*db = NonNull::new(raw_db).map(Sqlite3);
}
if let Some(ref mut db) = *db {
f(db.0.as_ptr())
} else {
-1
match *db {
Some(ref mut db) => f(db.0.as_ptr()),
_ => -1,
}
}
@@ -229,8 +249,8 @@ impl MagiskD {
pub fn get_db_setting(&self, key: DbEntryKey) -> i32 {
// Get default values
let mut val = match key {
DbEntryKey::RootAccess => RootAccess::default().repr,
DbEntryKey::SuMultiuserMode => MultiuserMode::default().repr,
DbEntryKey::RootAccess => RootAccess::default() as i32,
DbEntryKey::SuMultiuserMode => MultiuserMode::default() as i32,
DbEntryKey::SuMntNs => MntNsMode::default().repr,
DbEntryKey::DenylistConfig => 0,
DbEntryKey::ZygiskConfig => self.is_emulator as i32,
@@ -285,7 +305,7 @@ impl MagiskD {
fn db_exec_for_client(&self, fd: OwnedFd) -> LoggedResult<()> {
let mut file = File::from(fd);
let mut reader = BufReader::new(&mut file);
let sql = reader.ipc_read_string()?;
let sql: String = reader.read_decodable()?;
let mut writer = BufWriter::new(&mut file);
let mut output_fn = |columns: &[String], values: &DbValues| {
let mut out = "".to_string();
@@ -297,22 +317,14 @@ impl MagiskD {
out.push('=');
out.push_str(values.get_text(i as i32));
}
writer.ipc_write_string(&out).log().ok();
writer.write_encodable(&out).log_ok();
};
self.db_exec_with_rows(&sql, &[], &mut output_fn);
writer.ipc_write_string("").log()
writer.write_encodable("").log()
}
}
impl MagiskD {
pub fn get_db_settings_for_cxx(&self, cfg: &mut DbSettings) -> bool {
cfg.zygisk = self.is_emulator;
self.db_exec_with_rows("SELECT * FROM settings", &[], cfg)
.sql_result()
.log()
.is_ok()
}
pub fn set_db_setting_for_cxx(&self, key: DbEntryKey, value: i32) -> bool {
self.set_db_setting(key, value).log().is_ok()
}
@@ -324,7 +336,7 @@ impl MagiskD {
}
}
#[export_name = "sql_exec_rs"]
#[unsafe(export_name = "sql_exec_rs")]
unsafe extern "C" fn sql_exec_for_cxx(
sql: &str,
bind_callback: SqlBindCallback,
@@ -332,14 +344,16 @@ unsafe extern "C" fn sql_exec_for_cxx(
exec_callback: SqlExecCallback,
exec_cookie: *mut c_void,
) -> i32 {
MAGISKD.get().unwrap_unchecked().with_db(|db| {
sql_exec_impl(
db,
sql,
bind_callback,
bind_cookie,
exec_callback,
exec_cookie,
)
})
unsafe {
MAGISKD.get().unwrap_unchecked().with_db(|db| {
sql_exec_impl(
db,
sql,
bind_callback,
bind_cookie,
exec_callback,
exec_cookie,
)
})
}
}

28
native/src/core/deny/utils.cpp
View File

@@ -108,12 +108,11 @@ static bool proc_name_match(int pid, string_view name) {
bool proc_context_match(int pid, string_view context) {
char buf[PATH_MAX];
sprintf(buf, "/proc/%d/attr/current", pid);
if (auto fp = open_file(buf, "re")) {
fgets(buf, sizeof(buf), fp.get());
if (str_starts(buf, context)) {
return true;
}
char con[1024] = {0};
sprintf(buf, "/proc/%d", pid);
if (lgetfilecon(buf, byte_data{ con, sizeof(con) })) {
return str_starts(con, context);
}
return false;
}
@@ -370,7 +369,7 @@ int enable_deny() {
denylist_enforced = true;
if (!zygisk_enabled) {
if (!MagiskD::Get().zygisk_enabled()) {
if (new_daemon_thread(&logcat)) {
denylist_enforced = false;
return DenyResponse::ERROR;
@@ -385,7 +384,7 @@ int enable_deny() {
}
}
MagiskD().set_db_setting(DbEntryKey::DenylistConfig, true);
MagiskD::Get().set_db_setting(DbEntryKey::DenylistConfig, true);
return DenyResponse::OK;
}
@@ -393,13 +392,13 @@ int disable_deny() {
if (denylist_enforced.exchange(false)) {
LOGI("* Disable DenyList\n");
}
MagiskD().set_db_setting(DbEntryKey::DenylistConfig, false);
MagiskD::Get().set_db_setting(DbEntryKey::DenylistConfig, false);
return DenyResponse::OK;
}
void initialize_denylist() {
if (!denylist_enforced) {
if (MagiskD().get_db_setting(DbEntryKey::DenylistConfig))
if (MagiskD::Get().get_db_setting(DbEntryKey::DenylistConfig))
enable_deny();
}
}
@@ -429,3 +428,12 @@ bool is_deny_target(int uid, string_view process) {
}
return false;
}
void update_deny_flags(int uid, rust::Str process, uint32_t &flags) {
if (is_deny_target(uid, { process.begin(), process.end() })) {
flags |= +ZygiskStateFlags::ProcessOnDenyList;
}
if (denylist_enforced) {
flags |= +ZygiskStateFlags::DenyListEnforced;
}
}

13
native/src/core/derive/Cargo.toml Normal file
View File

@@ -0,0 +1,13 @@
[package]
name = "derive"
version.workspace = true
edition.workspace = true
[lib]
path = "lib.rs"
proc-macro = true
[dependencies]
syn = { workspace = true }
quote = { workspace = true }
proc-macro2 = { workspace = true }

124
native/src/core/derive/decodable.rs Normal file
View File

@@ -0,0 +1,124 @@
use proc_macro2::TokenStream;
use quote::{quote, quote_spanned};
use syn::spanned::Spanned;
use syn::{Data, DeriveInput, Fields, GenericParam, parse_macro_input, parse_quote};
pub(crate) fn derive_decodable(input: proc_macro::TokenStream) -> proc_macro::TokenStream {
let input = parse_macro_input!(input as DeriveInput);
let name = input.ident;
// Add a bound `T: Decodable` to every type parameter T.
let mut generics = input.generics;
for param in &mut generics.params {
if let GenericParam::Type(ref mut type_param) = *param {
type_param
.bounds
.push(parse_quote!(crate::socket::Decodable));
}
}
let (impl_generics, ty_generics, where_clause) = generics.split_for_impl();
let sum = gen_size_sum(&input.data);
let encode = gen_encode(&input.data);
let decode = gen_decode(&input.data);
let expanded = quote! {
// The generated impl.
impl #impl_generics crate::socket::Encodable for #name #ty_generics #where_clause {
fn encoded_len(&self) -> usize {
#sum
}
fn encode(&self, w: &mut impl std::io::Write) -> std::io::Result<()> {
#encode
Ok(())
}
}
impl #impl_generics crate::socket::Decodable for #name #ty_generics #where_clause {
fn decode(r: &mut impl std::io::Read) -> std::io::Result<Self> {
let val = #decode;
Ok(val)
}
}
};
proc_macro::TokenStream::from(expanded)
}
// Generate an expression to sum up the size of each field.
fn gen_size_sum(data: &Data) -> TokenStream {
match *data {
Data::Struct(ref data) => {
match data.fields {
Fields::Named(ref fields) => {
// Expands to an expression like
//
// 0 + self.x.encoded_len() + self.y.encoded_len() + self.z.encoded_len()
let recurse = fields.named.iter().map(|f| {
let name = &f.ident;
quote_spanned! { f.span() =>
crate::socket::Encodable::encoded_len(&self.#name)
}
});
quote! {
0 #(+ #recurse)*
}
}
_ => unimplemented!(),
}
}
Data::Enum(_) | Data::Union(_) => unimplemented!(),
}
}
// Generate an expression to encode each field.
fn gen_encode(data: &Data) -> TokenStream {
match *data {
Data::Struct(ref data) => {
match data.fields {
Fields::Named(ref fields) => {
// Expands to an expression like
//
// self.x.encode(w)?; self.y.encode(w)?; self.z.encode(w)?;
let recurse = fields.named.iter().map(|f| {
let name = &f.ident;
quote_spanned! { f.span() =>
crate::socket::Encodable::encode(&self.#name, w)?;
}
});
quote! {
#(#recurse)*
}
}
_ => unimplemented!(),
}
}
Data::Enum(_) | Data::Union(_) => unimplemented!(),
}
}
// Generate an expression to decode each field.
fn gen_decode(data: &Data) -> TokenStream {
match *data {
Data::Struct(ref data) => {
match data.fields {
Fields::Named(ref fields) => {
// Expands to an expression like
//
// Self { x: Decodable::decode(r)?, y: Decodable::decode(r)?, }
let recurse = fields.named.iter().map(|f| {
let name = &f.ident;
quote_spanned! { f.span() =>
#name: crate::socket::Decodable::decode(r)?,
}
});
quote! {
Self { #(#recurse)* }
}
}
_ => unimplemented!(),
}
}
Data::Enum(_) | Data::Union(_) => unimplemented!(),
}
}

8
native/src/core/derive/lib.rs Normal file
View File

@@ -0,0 +1,8 @@
use proc_macro::TokenStream;
mod decodable;
#[proc_macro_derive(Decodable)]
pub fn derive_decodable(input: TokenStream) -> TokenStream {
decodable::derive_decodable(input)
}

83
native/src/core/include/core.hpp
View File

@@ -1,5 +1,6 @@
#pragma once
#include <sys/socket.h>
#include <pthread.h>
#include <poll.h>
#include <string>
@@ -7,7 +8,8 @@
#include <atomic>
#include <functional>
#include "socket.hpp"
#include <base.hpp>
#include "../core-rs.hpp"
#define AID_ROOT 0
@@ -26,21 +28,56 @@ enum class RespondCode : int {
END
};
struct module_info {
std::string name;
int z32 = -1;
#if defined(__LP64__)
int z64 = -1;
#endif
};
struct ModuleInfo;
extern bool zygisk_enabled;
extern std::vector<module_info> *module_list;
extern std::string native_bridge;
void reset_zygisk(bool restore);
// Daemon
int connect_daemon(int req, bool create = false);
const char *get_magisk_tmp();
void unlock_blocks();
bool setup_magisk_env();
bool check_key_combo();
void restore_zygisk_prop();
// Sockets
struct sock_cred : public ucred {
std::string context;
};
template<typename T> requires(std::is_trivially_copyable_v<T>)
T read_any(int fd) {
T val;
if (xxread(fd, &val, sizeof(val)) != sizeof(val))
return -1;
return val;
}
template<typename T> requires(std::is_trivially_copyable_v<T>)
void write_any(int fd, T val) {
if (fd < 0) return;
xwrite(fd, &val, sizeof(val));
}
bool get_client_cred(int fd, sock_cred *cred);
static inline int read_int(int fd) { return read_any<int>(fd); }
static inline void write_int(int fd, int val) { write_any(fd, val); }
std::string read_string(int fd);
bool read_string(int fd, std::string &str);
void write_string(int fd, std::string_view str);
template<typename T> requires(std::is_trivially_copyable_v<T>)
void write_vector(int fd, const std::vector<T> &vec) {
write_int(fd, vec.size());
xwrite(fd, vec.data(), vec.size() * sizeof(T));
}
template<typename T> requires(std::is_trivially_copyable_v<T>)
bool read_vector(int fd, std::vector<T> &vec) {
int size = read_int(fd);
vec.resize(size);
return xread(fd, vec.data(), size * sizeof(T)) == size * sizeof(T);
}
// Poll control
using poll_callback = void(*)(pollfd*);
@@ -54,20 +91,17 @@ void exec_task(std::function<void()> &&task);
// Daemon handlers
void denylist_handler(int client, const sock_cred *cred);
void su_daemon_handler(int client, const sock_cred *cred);
void zygisk_handler(int client, const sock_cred *cred);
// Module stuffs
void handle_modules();
void load_modules();
void disable_modules();
void remove_modules();
void exec_module_scripts(const char *stage);
// Scripting
void install_apk(rust::Utf8CStr apk);
void uninstall_pkg(rust::Utf8CStr pkg);
void exec_common_scripts(rust::Utf8CStr stage);
void exec_module_scripts(rust::Utf8CStr stage, const rust::Vec<ModuleInfo> &module_list);
void exec_script(const char *script);
void exec_common_scripts(const char *stage);
void exec_module_scripts(const char *stage, const std::vector<std::string_view> &modules);
void clear_pkg(const char *pkg, int user_id);
[[noreturn]] void install_module(const char *file);
@@ -78,3 +112,16 @@ void initialize_denylist();
void scan_deny_apps();
bool is_deny_target(int uid, std::string_view process);
void revert_unmount(int pid = -1) noexcept;
void update_deny_flags(int uid, rust::Str process, uint32_t &flags);
// MagiskSU
void exec_root_shell(int client, int pid, SuRequest &req, MntNsMode mode);
void app_log(const SuAppRequest &info, SuPolicy policy, bool notify);
void app_notify(const SuAppRequest &info, SuPolicy policy);
int app_request(const SuAppRequest &info);
// Rust bindings
static inline rust::Utf8CStr get_magisk_tmp_rs() { return get_magisk_tmp(); }
static inline rust::String resolve_preinit_dir_rs(rust::Utf8CStr base_dir) {
return resolve_preinit_dir(base_dir.c_str());
}

13
native/src/core/include/daemon.hpp
View File

@@ -1,13 +0,0 @@
#pragma once
#include <base.hpp>
const char *get_magisk_tmp();
void install_apk(rust::Utf8CStr apk);
void uninstall_pkg(rust::Utf8CStr pkg);
// Rust bindings
static inline rust::Utf8CStr get_magisk_tmp_rs() { return get_magisk_tmp(); }
static inline rust::String resolve_preinit_dir_rs(rust::Utf8CStr base_dir) {
return resolve_preinit_dir(base_dir.c_str());
}

16
native/src/core/include/selinux.hpp
View File

@@ -1,16 +0,0 @@
#pragma once
#include <base.hpp>
int setcon(const char *con);
int getfilecon(const char *path, byte_data con);
int lgetfilecon(const char *path, byte_data con);
int fgetfilecon(int fd, byte_data con);
int setfilecon(const char *path, const char *con);
int lsetfilecon(const char *path, const char *con);
int fsetfilecon(int fd, const char *con);
int getfilecon_at(int dirfd, const char *name, byte_data con);
void setfilecon_at(int dirfd, const char *name, const char *con);
void restorecon();
void restore_tmpcon();

38
native/src/core/include/socket.hpp
View File

@@ -1,38 +0,0 @@
#pragma once
#include <sys/un.h>
#include <sys/socket.h>
#include <string_view>
#include <string>
#include <vector>
struct sock_cred : public ucred {
std::string context;
};
bool get_client_cred(int fd, sock_cred *cred);
std::vector<int> recv_fds(int sockfd);
int recv_fd(int sockfd);
int send_fds(int sockfd, const int *fds, int cnt);
int send_fd(int sockfd, int fd);
int read_int(int fd);
int read_int_be(int fd);
void write_int(int fd, int val);
void write_int_be(int fd, int val);
std::string read_string(int fd);
bool read_string(int fd, std::string &str);
void write_string(int fd, std::string_view str);
template<typename T> requires(std::is_trivially_copyable_v<T>)
void write_vector(int fd, const std::vector<T> &vec) {
write_int(fd, static_cast<int>(vec.size()));
xwrite(fd, vec.data(), vec.size() * sizeof(T));
}
template<typename T> requires(std::is_trivially_copyable_v<T>)
bool read_vector(int fd, std::vector<T> &vec) {
int size = read_int(fd);
if (size == -1) return false;
vec.resize(size);
return xread(fd, vec.data(), size * sizeof(T)) == size * sizeof(T);
}

246
native/src/core/lib.rs
View File

@@ -2,15 +2,27 @@
#![feature(try_blocks)]
#![feature(let_chains)]
#![feature(fn_traits)]
#![feature(unix_socket_ancillary_data)]
#![feature(unix_socket_peek)]
#![allow(clippy::missing_safety_doc)]
use base::Utf8CStr;
use daemon::{daemon_entry, get_magiskd, MagiskD};
use db::get_default_db_settings;
use crate::ffi::SuRequest;
use crate::socket::Encodable;
use base::{Utf8CStr, libc};
use cxx::{ExternType, type_id};
use daemon::{MagiskD, daemon_entry};
use derive::Decodable;
use logging::{android_logging, setup_logfile, zygisk_close_logd, zygisk_get_logd, zygisk_logging};
use mount::{clean_mounts, find_preinit_device, revert_unmount, setup_mounts};
use mount::{find_preinit_device, revert_unmount};
use resetprop::{persist_delete_prop, persist_get_prop, persist_get_props, persist_set_prop};
use su::get_default_root_settings;
use selinux::{lgetfilecon, lsetfilecon, restorecon, setfilecon};
use socket::{recv_fd, recv_fds, send_fd, send_fds};
use std::fs::File;
use std::mem::ManuallyDrop;
use std::ops::DerefMut;
use std::os::fd::FromRawFd;
use su::{get_pty_num, pump_tty, restore_stdin};
use zygisk::zygisk_should_load_module;
#[path = "../include/consts.rs"]
mod consts;
@@ -20,8 +32,12 @@ mod logging;
mod mount;
mod package;
mod resetprop;
mod selinux;
mod socket;
mod su;
mod zygisk;
#[allow(clippy::needless_lifetimes)]
#[cxx::bridge]
pub mod ffi {
#[repr(i32)]
@@ -49,12 +65,80 @@ pub mod ffi {
END,
}
enum DbEntryKey {
RootAccess,
SuMultiuserMode,
SuMntNs,
DenylistConfig,
ZygiskConfig,
BootloopCount,
SuManager,
}
#[repr(i32)]
enum MntNsMode {
Global,
Requester,
Isolate,
}
#[repr(i32)]
enum SuPolicy {
Query,
Deny,
Allow,
}
struct ModuleInfo {
name: String,
z32: i32,
z64: i32,
}
#[repr(i32)]
enum ZygiskRequest {
GetInfo,
ConnectCompanion,
GetModDir,
}
#[repr(u32)]
enum ZygiskStateFlags {
ProcessGrantedRoot = 0x00000001,
ProcessOnDenyList = 0x00000002,
DenyListEnforced = 0x40000000,
ProcessIsMagiskApp = 0x80000000,
}
#[derive(Decodable)]
struct SuRequest {
target_uid: i32,
target_pid: i32,
login: bool,
keep_env: bool,
shell: String,
command: String,
context: String,
gids: Vec<u32>,
}
struct SuAppRequest<'a> {
uid: i32,
pid: i32,
eval_uid: i32,
mgr_pkg: &'a str,
mgr_uid: i32,
request: &'a SuRequest,
}
extern "C++" {
include!("include/resetprop.hpp");
#[cxx_name = "prop_cb"]
type PropCb;
unsafe fn get_prop_rs(name: *const c_char, persist: bool) -> String;
#[cxx_name = "set_prop"]
unsafe fn set_prop_rs(name: *const c_char, value: *const c_char, skip_svc: bool) -> i32;
unsafe fn prop_cb_exec(
cb: Pin<&mut PropCb>,
name: *const c_char,
@@ -67,153 +151,133 @@ pub mod ffi {
#[namespace = "rust"]
#[cxx_name = "Utf8CStr"]
type Utf8CStrRef<'a> = base::ffi::Utf8CStrRef<'a>;
#[cxx_name = "ucred"]
type UCred = crate::UCred;
include!("include/daemon.hpp");
include!("include/core.hpp");
#[cxx_name = "get_magisk_tmp_rs"]
fn get_magisk_tmp() -> Utf8CStrRef<'static>;
#[cxx_name = "resolve_preinit_dir_rs"]
fn resolve_preinit_dir(base_dir: Utf8CStrRef) -> String;
fn setup_magisk_env() -> bool;
fn check_key_combo() -> bool;
fn disable_modules();
fn exec_common_scripts(stage: Utf8CStrRef);
fn exec_module_scripts(state: Utf8CStrRef, modules: &Vec<ModuleInfo>);
fn install_apk(apk: Utf8CStrRef);
fn uninstall_pkg(apk: Utf8CStrRef);
fn update_deny_flags(uid: i32, process: &str, flags: &mut u32);
fn initialize_denylist();
fn restore_zygisk_prop();
fn switch_mnt_ns(pid: i32) -> i32;
}
fn app_request(req: &SuAppRequest) -> i32;
fn app_notify(req: &SuAppRequest, policy: SuPolicy);
fn app_log(req: &SuAppRequest, policy: SuPolicy, notify: bool);
fn exec_root_shell(client: i32, pid: i32, req: &mut SuRequest, mode: MntNsMode);
enum DbEntryKey {
RootAccess,
SuMultiuserMode,
SuMntNs,
DenylistConfig,
ZygiskConfig,
BootloopCount,
SuManager,
}
#[repr(i32)]
enum RootAccess {
Disabled,
AppsOnly,
AdbOnly,
AppsAndAdb,
}
#[repr(i32)]
enum MultiuserMode {
OwnerOnly,
OwnerManaged,
User,
}
#[repr(i32)]
enum MntNsMode {
Global,
Requester,
Isolate,
}
#[derive(Default)]
struct DbSettings {
root_access: RootAccess,
multiuser_mode: MultiuserMode,
mnt_ns: MntNsMode,
boot_count: i32,
denylist: bool,
zygisk: bool,
}
#[repr(i32)]
enum SuPolicy {
Query,
Deny,
Allow,
}
struct RootSettings {
policy: SuPolicy,
log: bool,
notify: bool,
}
unsafe extern "C++" {
include!("include/sqlite.hpp");
fn sqlite3_errstr(code: i32) -> *const c_char;
type sqlite3;
fn open_and_init_db() -> *mut sqlite3;
type DbValues;
type DbStatement;
fn sqlite3_errstr(code: i32) -> *const c_char;
fn open_and_init_db() -> *mut sqlite3;
fn get_int(self: &DbValues, index: i32) -> i32;
#[cxx_name = "get_str"]
fn get_text(self: &DbValues, index: i32) -> &str;
fn bind_text(self: Pin<&mut DbStatement>, index: i32, val: &str) -> i32;
fn bind_int64(self: Pin<&mut DbStatement>, index: i32, val: i64) -> i32;
}
extern "Rust" {
fn rust_test_entry();
fn android_logging();
fn zygisk_logging();
fn zygisk_close_logd();
fn zygisk_get_logd() -> i32;
fn setup_logfile();
fn setup_mounts();
fn clean_mounts();
fn find_preinit_device() -> String;
fn revert_unmount(pid: i32);
fn zygisk_should_load_module(flags: u32) -> bool;
unsafe fn persist_get_prop(name: Utf8CStrRef, prop_cb: Pin<&mut PropCb>);
unsafe fn persist_get_props(prop_cb: Pin<&mut PropCb>);
unsafe fn persist_delete_prop(name: Utf8CStrRef) -> bool;
unsafe fn persist_set_prop(name: Utf8CStrRef, value: Utf8CStrRef) -> bool;
fn send_fd(socket: i32, fd: i32) -> bool;
fn send_fds(socket: i32, fds: &[i32]) -> bool;
fn recv_fd(socket: i32) -> i32;
fn recv_fds(socket: i32) -> Vec<i32>;
unsafe fn write_to_fd(self: &SuRequest, fd: i32);
fn pump_tty(infd: i32, outfd: i32);
fn get_pty_num(fd: i32) -> i32;
fn restore_stdin() -> bool;
fn restorecon();
fn lgetfilecon(path: Utf8CStrRef, con: &mut [u8]) -> bool;
fn setfilecon(path: Utf8CStrRef, con: Utf8CStrRef) -> bool;
fn lsetfilecon(path: Utf8CStrRef, con: Utf8CStrRef) -> bool;
#[namespace = "rust"]
fn daemon_entry();
}
// Default constructors
extern "Rust" {
#[Self = SuRequest]
#[cxx_name = "New"]
fn default() -> SuRequest;
}
// FFI for MagiskD
extern "Rust" {
type MagiskD;
fn is_recovery(&self) -> bool;
fn reboot(&self);
fn sdk_int(&self) -> i32;
fn zygisk_enabled(&self) -> bool;
fn boot_stage_handler(&self, client: i32, code: i32);
fn preserve_stub_apk(&self);
fn zygisk_handler(&self, client: i32);
fn zygisk_reset(&self, restore: bool);
fn prune_su_access(&self);
fn uid_granted_root(&self, mut uid: i32) -> bool;
fn su_daemon_handler(&self, client: i32, cred: &UCred);
#[cxx_name = "get_manager"]
unsafe fn get_manager_for_cxx(&self, user: i32, ptr: *mut CxxString, install: bool) -> i32;
#[cxx_name = "get_db_settings"]
fn get_db_settings_for_cxx(&self, cfg: &mut DbSettings) -> bool;
fn get_db_setting(&self, key: DbEntryKey) -> i32;
#[cxx_name = "set_db_setting"]
fn set_db_setting_for_cxx(&self, key: DbEntryKey, value: i32) -> bool;
#[cxx_name = "db_exec"]
fn db_exec_for_cxx(&self, client_fd: i32);
#[cxx_name = "get_root_settings"]
fn get_root_settings_for_cxx(&self, uid: i32, settings: &mut RootSettings) -> bool;
#[cxx_name = "DbSettings"]
fn get_default_db_settings() -> DbSettings;
#[cxx_name = "RootSettings"]
fn get_default_root_settings() -> RootSettings;
#[cxx_name = "MagiskD"]
fn get_magiskd() -> &'static MagiskD;
#[Self = MagiskD]
#[cxx_name = "Get"]
fn get() -> &'static MagiskD;
}
unsafe extern "C++" {
#[allow(dead_code)]
fn reboot(self: &MagiskD);
fn post_fs_data(self: &MagiskD) -> bool;
fn late_start(self: &MagiskD);
fn boot_complete(self: &MagiskD);
fn handle_modules(self: &MagiskD) -> Vec<ModuleInfo>;
}
}
fn rust_test_entry() {}
#[repr(transparent)]
pub struct UCred(pub libc::ucred);
unsafe impl ExternType for UCred {
type Id = type_id!("ucred");
type Kind = cxx::kind::Trivial;
}
impl SuRequest {
unsafe fn write_to_fd(&self, fd: i32) {
unsafe {
let mut w = ManuallyDrop::new(File::from_raw_fd(fd));
self.encode(w.deref_mut()).ok();
}
}
}
pub fn get_prop(name: &Utf8CStr, persist: bool) -> String {
unsafe { ffi::get_prop_rs(name.as_ptr(), persist) }
}
pub fn set_prop(name: &Utf8CStr, value: &Utf8CStr, skip_svc: bool) -> bool {
unsafe { ffi::set_prop_rs(name.as_ptr(), value.as_ptr(), skip_svc) == 0 }
}

72
native/src/core/logging.rs
View File

@@ -1,15 +1,15 @@
use crate::consts::{LOGFILE, LOG_PIPE};
use crate::consts::{LOG_PIPE, LOGFILE};
use crate::ffi::get_magisk_tmp;
use crate::logging::LogFile::{Actual, Buffer};
use base::libc::{
getpid, gettid, localtime_r, pthread_sigmask, sigaddset, sigset_t, sigtimedwait, time_t,
timespec, tm, O_CLOEXEC, O_RDWR, O_WRONLY, PIPE_BUF, SIGPIPE, SIG_BLOCK, SIG_SETMASK,
O_CLOEXEC, O_RDWR, O_WRONLY, PIPE_BUF, SIG_BLOCK, SIG_SETMASK, SIGPIPE, getpid, gettid,
localtime_r, pthread_sigmask, sigaddset, sigset_t, sigtimedwait, time_t, timespec, tm,
};
use base::{
const_format::concatcp, libc, raw_cstr, FsPathBuf, LogLevel, Logger, ReadExt, SharedFd,
Utf8CStr, Utf8CStrBuf, Utf8CStrBufArr, Utf8CStrWrite, LOGGER,
FsPathBuilder, LOGGER, LogLevel, Logger, ReadExt, Utf8CStr, Utf8CStrBuf, WriteExt,
const_format::concatcp, cstr, libc, raw_cstr,
};
use bytemuck::{bytes_of, write_zeroes, Pod, Zeroable};
use bytemuck::{Pod, Zeroable, bytes_of, write_zeroes};
use num_derive::{FromPrimitive, ToPrimitive};
use num_traits::FromPrimitive;
use std::cmp::min;
@@ -18,10 +18,10 @@ use std::fmt::Write as FmtWrite;
use std::fs::File;
use std::io::{IoSlice, Read, Write};
use std::mem::ManuallyDrop;
use std::os::fd::{FromRawFd, OwnedFd, RawFd};
use std::os::fd::{FromRawFd, RawFd};
use std::ptr::null_mut;
use std::sync::atomic::{AtomicI32, Ordering};
use std::sync::Mutex;
use std::sync::{Arc, Mutex};
use std::time::{SystemTime, UNIX_EPOCH};
use std::{fs, io};
@@ -42,7 +42,7 @@ enum ALogPriority {
type ThreadEntry = extern "C" fn(*mut c_void) -> *mut c_void;
extern "C" {
unsafe extern "C" {
fn __android_log_write(prio: i32, tag: *const c_char, msg: *const c_char);
fn strftime(buf: *mut c_char, len: usize, fmt: *const c_char, tm: *const tm) -> usize;
fn new_daemon_thread(entry: ThreadEntry, arg: *mut c_void);
@@ -114,7 +114,7 @@ struct LogMeta {
const MAX_MSG_LEN: usize = PIPE_BUF - size_of::<LogMeta>();
fn write_log_to_pipe(logd: &mut File, prio: i32, msg: &Utf8CStr) -> io::Result<usize> {
fn write_log_to_pipe(mut logd: &File, prio: i32, msg: &Utf8CStr) -> io::Result<usize> {
// Truncate message if needed
let len = min(MAX_MSG_LEN, msg.len());
let msg = &msg.as_bytes()[..len];
@@ -130,29 +130,28 @@ fn write_log_to_pipe(logd: &mut File, prio: i32, msg: &Utf8CStr) -> io::Result<u
let io2 = IoSlice::new(msg);
let result = logd.write_vectored(&[io1, io2]);
if let Err(ref e) = result {
let mut buf = Utf8CStrBufArr::default();
buf.write_fmt(format_args_nl!("Cannot write_log_to_pipe: {}", e))
let mut buf = cstr::buf::default();
buf.write_fmt(format_args!("Cannot write_log_to_pipe: {}", e))
.ok();
android_log_write(LogLevel::Error, &buf);
}
result
}
static MAGISK_LOGD_FD: Mutex<SharedFd> = Mutex::new(SharedFd::new());
static MAGISK_LOGD_FD: Mutex<Option<Arc<File>>> = Mutex::new(None);
fn with_logd_fd<F: FnOnce(&mut File) -> io::Result<()>>(f: F) {
fn with_logd_fd<R, F: FnOnce(&File) -> io::Result<R>>(f: F) {
let fd = MAGISK_LOGD_FD.lock().unwrap().clone();
// SAFETY: writing less than PIPE_BUF bytes is guaranteed to be atomic on Linux
if let Some(mut logd) = unsafe { fd.as_file() } {
if f(&mut logd).is_err() {
if let Some(logd) = fd {
if f(&logd).is_err() {
// If any error occurs, shut down the logd pipe
*MAGISK_LOGD_FD.lock().unwrap() = SharedFd::default();
*MAGISK_LOGD_FD.lock().unwrap() = None;
}
}
}
fn magisk_log_to_pipe(prio: i32, msg: &Utf8CStr) {
with_logd_fd(|logd| write_log_to_pipe(logd, prio, msg).map(|_| ()));
with_logd_fd(|logd| write_log_to_pipe(logd, prio, msg));
}
// SAFETY: zygisk client code runs single threaded, so no need to prevent data race
@@ -181,10 +180,9 @@ pub fn zygisk_get_logd() -> i32 {
let mut fd = ZYGISK_LOGD.load(Ordering::Relaxed);
if fd < 0 {
android_logging();
let mut buf = Utf8CStrBufArr::default();
let path = FsPathBuf::new(&mut buf)
.join(get_magisk_tmp())
.join(LOG_PIPE);
let path = cstr::buf::default()
.join_path(get_magisk_tmp())
.join_path(LOG_PIPE);
// Open as RW as sometimes it may block
fd = unsafe { libc::open(path.as_ptr(), O_RDWR | O_CLOEXEC) };
if fd >= 0 {
@@ -217,8 +215,8 @@ fn zygisk_log_to_pipe(prio: i32, msg: &Utf8CStr) {
pthread_sigmask(SIG_BLOCK, &mask, &mut orig_mask);
}
let mut logd = ManuallyDrop::new(unsafe { File::from_raw_fd(fd) });
let result = write_log_to_pipe(&mut logd, prio, msg);
let logd = ManuallyDrop::new(unsafe { File::from_raw_fd(fd) });
let result = write_log_to_pipe(&logd, prio, msg);
// Consume SIGPIPE if exists, then restore mask
unsafe {
@@ -270,7 +268,7 @@ extern "C" fn logfile_writer(arg: *mut c_void) -> *mut c_void {
let mut meta = LogMeta::zeroed();
let mut msg_buf = [0u8; MAX_MSG_LEN];
let mut aux = Utf8CStrBufArr::<64>::new();
let mut aux = cstr::buf::new::<64>();
loop {
// Read request
@@ -320,12 +318,7 @@ extern "C" fn logfile_writer(arg: *mut c_void) -> *mut c_void {
if localtime_r(&secs, &mut tm).is_null() {
continue;
}
let len = strftime(
aux.mut_buf().as_mut_ptr().cast(),
aux.capacity(),
raw_cstr!("%m-%d %T"),
&tm,
);
let len = strftime(aux.as_mut_ptr(), aux.capacity(), raw_cstr!("%m-%d %T"), &tm);
aux.set_len(len);
aux.write_fmt(format_args!(
".{:03} {:5} {:5} {} : ",
@@ -347,34 +340,33 @@ extern "C" fn logfile_writer(arg: *mut c_void) -> *mut c_void {
writer_loop(arg as RawFd).ok();
// If any error occurs, shut down the logd pipe
*MAGISK_LOGD_FD.lock().unwrap() = SharedFd::default();
*MAGISK_LOGD_FD.lock().unwrap() = None;
null_mut()
}
pub fn setup_logfile() {
with_logd_fd(|logd| {
with_logd_fd(|mut logd| {
let meta = LogMeta {
prio: -1,
len: 0,
pid: 0,
tid: 0,
};
logd.write_all(bytes_of(&meta))
(&mut logd).write_pod(&meta)
});
}
pub fn start_log_daemon() {
let mut buf = Utf8CStrBufArr::default();
let path = FsPathBuf::new(&mut buf)
.join(get_magisk_tmp())
.join(LOG_PIPE);
let path = cstr::buf::default()
.join_path(get_magisk_tmp())
.join_path(LOG_PIPE);
unsafe {
libc::mkfifo(path.as_ptr(), 0o666);
libc::chown(path.as_ptr(), 0, 0);
let read = libc::open(path.as_ptr(), O_RDWR | O_CLOEXEC);
let write = libc::open(path.as_ptr(), O_WRONLY | O_CLOEXEC);
*MAGISK_LOGD_FD.lock().unwrap() = SharedFd::from(OwnedFd::from_raw_fd(write));
*MAGISK_LOGD_FD.lock().unwrap() = Some(Arc::new(File::from_raw_fd(write)));
new_daemon_thread(logfile_writer, read as *mut c_void);
}
}

1
native/src/core/magisk.cpp
View File

@@ -4,7 +4,6 @@
#include <base.hpp>
#include <consts.hpp>
#include <core.hpp>
#include <selinux.hpp>
#include <flags.h>
using namespace std;

78
native/src/core/module.cpp
View File

@@ -7,7 +7,6 @@
#include <base.hpp>
#include <consts.hpp>
#include <core.hpp>
#include <selinux.hpp>
#include "node.hpp"
@@ -86,7 +85,7 @@ bool dir_node::prepare() {
return upgrade_to_tmpfs;
}
void dir_node::collect_module_files(const char *module, int dfd) {
void dir_node::collect_module_files(std::string_view module, int dfd) {
auto dir = xopen_dir(xopenat(dfd, name().data(), O_RDONLY | O_CLOEXEC));
if (!dir)
return;
@@ -149,7 +148,9 @@ void module_node::mount() {
VLOGD("delete", "null", node_path().data());
return;
}
std::string path = module + (parent()->root()->prefix + node_path());
std::string path{module.begin(), module.end()};
path += parent()->root()->prefix;
path += node_path();
string mnt_src = module_mnt + path;
{
string src = MODULEROOT "/" + path;
@@ -231,10 +232,21 @@ private:
};
static void inject_magisk_bins(root_node *system) {
auto bin = system->get_child<inter_node>("bin");
dir_node* bin = system->get_child<inter_node>("bin");
if (!bin) {
bin = new inter_node("bin");
system->insert(bin);
struct stat st{};
bin = system;
for (auto &item: split(getenv("PATH"), ":")) {
item.erase(0, item.starts_with("/system/") ? 8 : 1);
auto system_path = "/system/" + item;
if (stat(system_path.data(), &st) == 0 && st.st_mode & S_IXOTH) {
for (const auto &dir: split(item, "/")) {
auto node = bin->get_child<inter_node>(dir);
bin = node ? node : bin->emplace<inter_node>(dir, dir.data());
}
break;
}
}
}
// Insert binaries
@@ -267,9 +279,7 @@ static void inject_zygisk_libs(root_node *system) {
}
}
vector<module_info> *module_list;
void load_modules() {
static void load_modules(bool zygisk_enabled, const rust::Vec<ModuleInfo> &module_list) {
node_entry::module_mnt = get_magisk_tmp() + "/"s MODULEMNT "/";
auto root = make_unique<root_node>("");
@@ -278,14 +288,14 @@ void load_modules() {
char buf[4096];
LOGI("* Loading modules\n");
for (const auto &m : *module_list) {
const char *module = m.name.data();
char *b = buf + ssprintf(buf, sizeof(buf), "%s/" MODULEMNT "/%s/", get_magisk_tmp(), module);
for (const auto &m : module_list) {
char *b = buf + ssprintf(buf, sizeof(buf), "%s/" MODULEMNT "/%.*s/",
get_magisk_tmp(), (int) m.name.size(), m.name.data());
// Read props
strcpy(b, "system.prop");
if (access(buf, F_OK) == 0) {
LOGI("%s: loading [system.prop]\n", module);
LOGI("%.*s: loading [system.prop]\n", (int) m.name.size(), m.name.data());
// Do NOT go through property service as it could cause boot lock
load_prop_file(buf, true);
}
@@ -300,10 +310,10 @@ void load_modules() {
if (access(buf, F_OK) != 0)
continue;
LOGI("%s: loading mount files\n", module);
LOGI("%.*s: loading mount files\n", (int) m.name.size(), m.name.data());
b[-1] = '\0';
int fd = xopen(buf, O_RDONLY | O_CLOEXEC);
system->collect_module_files(module, fd);
system->collect_module_files({ m.name.begin(), m.name.end() }, fd);
close(fd);
}
if (get_magisk_tmp() != "/sbin"sv || !str_contains(getenv("PATH") ?: "", "/sbin")) {
@@ -341,9 +351,6 @@ void load_modules() {
root->prepare();
root->mount();
}
// cleanup mounts
clean_mounts();
}
/************************
@@ -392,8 +399,9 @@ static void foreach_module(Func fn) {
}
}
static void collect_modules(bool open_zygisk) {
foreach_module([=](int dfd, dirent *entry, int modfd) {
static rust::Vec<ModuleInfo> collect_modules(bool zygisk_enabled, bool open_zygisk) {
rust::Vec<ModuleInfo> modules;
foreach_module([&](int dfd, dirent *entry, int modfd) {
if (faccessat(modfd, "remove", F_OK, 0) == 0) {
LOGI("%s: remove\n", entry->d_name);
auto uninstaller = MODULEROOT + "/"s + entry->d_name + "/uninstall.sh";
@@ -407,7 +415,7 @@ static void collect_modules(bool open_zygisk) {
if (faccessat(modfd, "disable", F_OK, 0) == 0)
return;
module_info info;
ModuleInfo info{{}, -1, -1};
if (zygisk_enabled) {
// Riru and its modules are not compatible with zygisk
if (entry->d_name == "riru-core"sv || faccessat(modfd, "riru", F_OK, 0) == 0) {
@@ -417,11 +425,13 @@ static void collect_modules(bool open_zygisk) {
if (open_zygisk) {
#if defined(__arm__)
info.z32 = openat(modfd, "zygisk/armeabi-v7a.so", O_RDONLY | O_CLOEXEC);
info.z64 = -1;
#elif defined(__aarch64__)
info.z32 = openat(modfd, "zygisk/armeabi-v7a.so", O_RDONLY | O_CLOEXEC);
info.z64 = openat(modfd, "zygisk/arm64-v8a.so", O_RDONLY | O_CLOEXEC);
#elif defined(__i386__)
info.z32 = openat(modfd, "zygisk/x86.so", O_RDONLY | O_CLOEXEC);
info.z64 = -1;
#elif defined(__x86_64__)
info.z32 = openat(modfd, "zygisk/x86.so", O_RDONLY | O_CLOEXEC);
info.z64 = openat(modfd, "zygisk/x86_64.so", O_RDONLY | O_CLOEXEC);
@@ -441,7 +451,7 @@ static void collect_modules(bool open_zygisk) {
}
}
info.name = entry->d_name;
module_list->push_back(info);
modules.push_back(std::move(info));
});
if (zygisk_enabled) {
bool use_memfd = true;
@@ -461,23 +471,22 @@ static void collect_modules(bool open_zygisk) {
}
return fd;
};
std::for_each(module_list->begin(), module_list->end(), [&](module_info &info) {
std::for_each(modules.begin(),modules.end(), [&](ModuleInfo &info) {
info.z32 = convert_to_memfd(info.z32);
#if defined(__LP64__)
info.z64 = convert_to_memfd(info.z64);
#endif
});
}
return modules;
}
void handle_modules() {
rust::Vec<ModuleInfo> MagiskD::handle_modules() const noexcept {
bool zygisk = zygisk_enabled();
prepare_modules();
collect_modules(false);
exec_module_scripts("post-fs-data");
exec_module_scripts("post-fs-data", collect_modules(zygisk, false));
// Recollect modules (module scripts could remove itself)
module_list->clear();
collect_modules(true);
auto list = collect_modules(zygisk, true);
load_modules(zygisk, list);
return list;
}
static int check_rules_dir(char *buf, size_t sz) {
@@ -517,10 +526,3 @@ void remove_modules() {
});
rm_rf(MODULEROOT);
}
void exec_module_scripts(const char *stage) {
vector<string_view> module_names;
std::transform(module_list->begin(), module_list->end(), std::back_inserter(module_names),
[](const module_info &info) -> string_view { return info.name; });
exec_module_scripts(stage, module_names);
}

112
native/src/core/mount.rs
View File

@@ -1,15 +1,14 @@
use std::{
cmp::Ordering::{Greater, Less},
path::{Path, PathBuf},
ptr,
};
use num_traits::AsPrimitive;
use base::libc::{c_uint, dev_t};
use base::{
cstr, debug, info, libc, parse_mount_info, raw_cstr, warn, FsPath, FsPathBuf, LibcReturn,
LoggedResult, MountInfo, ResultExt, Utf8CStr, Utf8CStrBufArr,
FsPathBuilder, LibcReturn, LoggedResult, MountInfo, ResultExt, Utf8CStr, Utf8CStrBuf, cstr,
debug, info, libc, parse_mount_info, warn,
};
use crate::consts::{MODULEMNT, MODULEROOT, PREINITDEV, PREINITMIRR, WORKERDIR};
@@ -20,13 +19,11 @@ pub fn setup_mounts() {
info!("* Setup internal mounts");
let magisk_tmp = get_magisk_tmp();
let mut buf = Utf8CStrBufArr::default();
// Mount preinit directory
let mut dev_buf = Utf8CStrBufArr::<64>::new();
let dev_path = FsPathBuf::new(&mut dev_buf)
.join(magisk_tmp)
.join(PREINITDEV);
let dev_path = cstr::buf::new::<64>()
.join_path(magisk_tmp)
.join_path(PREINITDEV);
let mut linked = false;
if let Ok(attr) = dev_path.get_attr() {
if attr.st.st_mode & libc::S_IFMT as c_uint == libc::S_IFBLK.as_() {
@@ -36,7 +33,9 @@ pub fn setup_mounts() {
// What we do instead is to scan through the current mountinfo and find a pre-existing
// mount point mounting our desired partition, and then bind mount the target folder.
let preinit_dev = attr.st.st_rdev;
let mnt_path = FsPathBuf::new(&mut buf).join(magisk_tmp).join(PREINITMIRR);
let mnt_path = cstr::buf::default()
.join_path(magisk_tmp)
.join_path(PREINITMIRR);
for info in parse_mount_info("self") {
if info.root == "/" && info.device == preinit_dev {
if !info.fs_option.split(',').any(|s| s == "rw") {
@@ -48,15 +47,10 @@ pub fn setup_mounts() {
let mut preinit_dir = resolve_preinit_dir(target);
let preinit_dir = Utf8CStr::from_string(&mut preinit_dir);
let r: LoggedResult<()> = try {
FsPath::from(preinit_dir).mkdir(0o700)?;
let mut buf = Utf8CStrBufArr::default();
if mnt_path.parent(&mut buf) {
FsPath::from(&buf).mkdirs(0o755)?;
}
preinit_dir.mkdir(0o700)?;
mnt_path.mkdirs(0o755)?;
mnt_path.remove().ok();
unsafe {
libc::symlink(preinit_dir.as_ptr(), mnt_path.as_ptr()).as_os_err()?
}
mnt_path.create_symlink_to(preinit_dir)?;
};
if r.is_ok() {
linked = true;
@@ -74,63 +68,29 @@ pub fn setup_mounts() {
}
// Bind remount module root to clear nosuid
let module_mnt = FsPathBuf::new(&mut buf).join(magisk_tmp).join(MODULEMNT);
let module_mnt = cstr::buf::default()
.join_path(magisk_tmp)
.join_path(MODULEMNT);
let _: LoggedResult<()> = try {
module_mnt.mkdir(0o755)?;
unsafe {
libc::mount(
raw_cstr!(MODULEROOT),
module_mnt.as_ptr(),
ptr::null(),
libc::MS_BIND,
ptr::null(),
)
.as_os_err()?;
libc::mount(
ptr::null(),
module_mnt.as_ptr(),
ptr::null(),
libc::MS_REMOUNT | libc::MS_BIND | libc::MS_RDONLY,
ptr::null(),
)
.as_os_err()?;
}
cstr!(MODULEROOT).bind_mount_to(&module_mnt)?;
module_mnt.remount_mount_point_flags(libc::MS_RDONLY)?;
};
}
pub fn clean_mounts() {
let magisk_tmp = get_magisk_tmp();
let mut buf = Utf8CStrBufArr::default();
let mut buf = cstr::buf::default();
let module_mnt = FsPathBuf::new(&mut buf).join(magisk_tmp).join(MODULEMNT);
let _: LoggedResult<()> = try {
unsafe {
libc::umount2(
module_mnt.as_ptr(),
libc::MNT_DETACH,
)
.as_os_err()?;
}
};
let module_mnt = buf.append_path(magisk_tmp).append_path(MODULEMNT);
module_mnt.unmount().log_ok();
buf.clear();
let worker_dir = FsPathBuf::new(&mut buf).join(magisk_tmp).join(WORKERDIR);
let worker_dir = buf.append_path(magisk_tmp).append_path(WORKERDIR);
let _: LoggedResult<()> = try {
unsafe {
libc::mount(
ptr::null(),
worker_dir.as_ptr(),
ptr::null(),
libc::MS_PRIVATE | libc::MS_REC,
ptr::null(),
)
.as_os_err()?;
libc::umount2(
worker_dir.as_ptr(),
libc::MNT_DETACH,
)
.as_os_err()?;
}
worker_dir.set_mount_private(true)?;
worker_dir.unmount()?;
};
}
@@ -226,32 +186,26 @@ pub fn find_preinit_device() -> String {
&& let Ok(tmp) = std::env::var("MAGISKTMP")
&& !tmp.is_empty()
{
let mut buf = Utf8CStrBufArr::default();
let mirror_dir = FsPathBuf::new(&mut buf).join(&tmp).join(PREINITMIRR);
let preinit_dir = FsPath::from(Utf8CStr::from_string(&mut preinit_dir));
let mut buf = cstr::buf::default();
let mirror_dir = buf.append_path(&tmp).append_path(PREINITMIRR);
let preinit_dir = Utf8CStr::from_string(&mut preinit_dir);
let _: LoggedResult<()> = try {
preinit_dir.mkdirs(0o700)?;
let mut buf = Utf8CStrBufArr::default();
if mirror_dir.parent(&mut buf) {
FsPath::from(&buf).mkdirs(0o755)?;
}
unsafe {
libc::umount2(mirror_dir.as_ptr(), libc::MNT_DETACH)
.as_os_err()
.ok(); // ignore error
mirror_dir.remove().ok();
libc::symlink(preinit_dir.as_ptr(), mirror_dir.as_ptr()).as_os_err()?;
}
mirror_dir.mkdirs(0o755)?;
mirror_dir.unmount().ok();
mirror_dir.remove().ok();
mirror_dir.create_symlink_to(preinit_dir)?;
};
if std::env::var_os("MAKEDEV").is_some() {
let dev_path = FsPathBuf::new(&mut buf).join(&tmp).join(PREINITDEV);
buf.clear();
let dev_path = buf.append_path(&tmp).append_path(PREINITDEV);
unsafe {
libc::mknod(
dev_path.as_ptr(),
libc::S_IFBLK | 0o600,
info.device as dev_t,
)
.as_os_err()
.check_io_err()
.log()
.ok();
}

8
native/src/core/node.hpp
View File

@@ -105,7 +105,7 @@ public:
**************/
// Traverse through module directories to generate a tree of module files
void collect_module_files(const char *module, int dfd);
void collect_module_files(std::string_view module, int dfd);
// Traverse through the real filesystem and prepare the tree for magic mount.
// Return true to indicate that this node needs to be upgraded to tmpfs_node.
@@ -279,16 +279,16 @@ public:
class module_node : public node_entry {
public:
module_node(const char *module, dirent *entry)
module_node(std::string_view module, dirent *entry)
: node_entry(entry->d_name, entry->d_type, this), module(module) {}
module_node(node_entry *node, const char *module) : node_entry(this), module(module) {
module_node(node_entry *node, std::string_view module) : node_entry(this), module(module) {
node_entry::consume(node);
}
void mount() override;
private:
const char *module;
std::string_view module;
};
// Don't create tmpfs_node before prepare

214
native/src/core/package.rs
View File

@@ -1,26 +1,26 @@
use crate::consts::{APP_PACKAGE_NAME, MAGISK_VER_CODE};
use crate::daemon::{to_app_id, MagiskD, AID_USER_OFFSET};
use crate::ffi::{get_magisk_tmp, install_apk, uninstall_pkg, DbEntryKey};
use base::libc::{O_CLOEXEC, O_CREAT, O_RDONLY, O_TRUNC, O_WRONLY};
use crate::daemon::{AID_APP_END, AID_APP_START, AID_USER_OFFSET, MagiskD, to_app_id};
use crate::ffi::{DbEntryKey, get_magisk_tmp, install_apk, uninstall_pkg};
use base::WalkResult::{Abort, Continue, Skip};
use base::libc::{O_CLOEXEC, O_CREAT, O_RDONLY, O_TRUNC, O_WRONLY};
use base::{
cstr, error, fd_get_attr, open_fd, warn, BufReadExt, Directory, FsPath, FsPathBuf,
LoggedResult, ReadExt, ResultExt, Utf8CStrBuf, Utf8CStrBufArr,
BufReadExt, Directory, FsPathBuilder, LoggedResult, ReadExt, ResultExt, Utf8CStrBuf,
Utf8CString, cstr, error, fd_get_attr, warn,
};
use bit_set::BitSet;
use cxx::CxxString;
use std::collections::BTreeMap;
use std::fs::File;
use std::io;
use std::io::{Cursor, Read, Seek, SeekFrom};
use std::os::fd::AsRawFd;
use std::os::unix::fs::MetadataExt;
use std::path::{Path, PathBuf};
use std::pin::Pin;
use std::time::Duration;
const EOCD_MAGIC: u32 = 0x06054B50;
const APK_SIGNING_BLOCK_MAGIC: [u8; 16] = *b"APK Sig Block 42";
const SIGNATURE_SCHEME_V2_MAGIC: u32 = 0x7109871A;
const PACKAGES_XML: &str = "/data/system/packages.xml";
macro_rules! bad_apk {
($msg:literal) => {
@@ -51,7 +51,7 @@ macro_rules! bad_apk {
* within the APK v2 signature block.
*/
fn read_certificate(apk: &mut File, version: i32) -> Vec<u8> {
fn inner(apk: &mut File, version: i32) -> io::Result<Vec<u8>> {
let res: io::Result<Vec<u8>> = try {
let mut u32_val = 0u32;
let mut u64_val = 0u64;
@@ -70,7 +70,7 @@ fn read_certificate(apk: &mut File, version: i32) -> Vec<u8> {
}
}
if i == 0xffff {
return Err(bad_apk!("invalid APK format"));
Err(bad_apk!("invalid APK format"))?;
}
}
@@ -97,7 +97,7 @@ fn read_certificate(apk: &mut File, version: i32) -> Vec<u8> {
}
});
if version > apk_ver {
return Err(bad_apk!("APK version too low"));
Err(bad_apk!("APK version too low"))?;
}
}
@@ -107,7 +107,7 @@ fn read_certificate(apk: &mut File, version: i32) -> Vec<u8> {
let mut magic = [0u8; 16];
apk.read_exact(&mut magic)?;
if magic != APK_SIGNING_BLOCK_MAGIC {
return Err(bad_apk!("invalid signing block magic"));
Err(bad_apk!("invalid signing block magic"))?;
}
let mut signing_blk_sz = 0u64;
apk.seek(SeekFrom::Current(
@@ -115,14 +115,14 @@ fn read_certificate(apk: &mut File, version: i32) -> Vec<u8> {
))?;
apk.read_pod(&mut signing_blk_sz)?;
if signing_blk_sz != u64_val {
return Err(bad_apk!("invalid signing block size"));
Err(bad_apk!("invalid signing block size"))?;
}
// Finally, we are now at the beginning of the id-value pair sequence
loop {
apk.read_pod(&mut u64_val)?; // id-value pair length
if u64_val == signing_blk_sz {
break;
Err(bad_apk!("cannot find certificate"))?;
}
let mut id = 0u32;
@@ -139,7 +139,7 @@ fn read_certificate(apk: &mut File, version: i32) -> Vec<u8> {
let mut cert = vec![0; u32_val as usize];
apk.read_exact(cert.as_mut())?;
return Ok(cert);
break cert;
} else {
// Skip this id-value pair
apk.seek(SeekFrom::Current(
@@ -147,21 +147,20 @@ fn read_certificate(apk: &mut File, version: i32) -> Vec<u8> {
))?;
}
}
Err(bad_apk!("cannot find certificate"))
}
inner(apk, version).log().unwrap_or(vec![])
};
res.log().unwrap_or(vec![])
}
fn find_apk_path(pkg: &str, buf: &mut dyn Utf8CStrBuf) -> io::Result<()> {
fn find_apk_path(pkg: &str) -> LoggedResult<Utf8CString> {
let mut buf = cstr::buf::default();
Directory::open(cstr!("/data/app"))?.pre_order_walk(|e| {
if !e.is_dir() {
return Ok(Skip);
}
let name_bytes = e.d_name().to_bytes();
let name_bytes = e.name().as_bytes();
if name_bytes.starts_with(pkg.as_bytes()) && name_bytes[pkg.len()] == b'-' {
// Found the APK path, we can abort now
e.path(buf)?;
e.resolve_path(&mut buf)?;
return Ok(Abort);
}
if name_bytes.starts_with(b"~~") {
@@ -172,7 +171,7 @@ fn find_apk_path(pkg: &str, buf: &mut dyn Utf8CStrBuf) -> io::Result<()> {
if !buf.is_empty() {
buf.push_str("/base.apk");
}
Ok(())
Ok(buf.to_owned())
}
enum Status {
@@ -205,48 +204,41 @@ impl Default for ManagerInfo {
#[derive(Default)]
struct TrackedFile {
path: PathBuf,
path: Utf8CString,
timestamp: Duration,
}
impl TrackedFile {
fn new<T: AsRef<Path>>(path: T) -> TrackedFile {
fn inner(path: &Path) -> TrackedFile {
let meta = match path.metadata() {
Ok(meta) => meta,
Err(_) => return TrackedFile::default(),
};
let timestamp = Duration::new(meta.ctime() as u64, meta.ctime_nsec() as u32);
TrackedFile {
path: PathBuf::from(path),
timestamp,
}
}
inner(path.as_ref())
fn new(path: Utf8CString) -> TrackedFile {
let attr = match path.get_attr() {
Ok(attr) => attr,
Err(_) => return TrackedFile::default(),
};
let timestamp = Duration::new(attr.st.st_ctime as u64, attr.st.st_ctime_nsec as u32);
TrackedFile { path, timestamp }
}
fn is_same(&self) -> bool {
if self.path.as_os_str().is_empty() {
if self.path.is_empty() {
return false;
}
let meta = match self.path.metadata() {
Ok(meta) => meta,
let attr = match self.path.get_attr() {
Ok(attr) => attr,
Err(_) => return false,
};
let timestamp = Duration::new(meta.ctime() as u64, meta.ctime_nsec() as u32);
let timestamp = Duration::new(attr.st.st_ctime as u64, attr.st.st_ctime_nsec as u32);
timestamp == self.timestamp
}
}
impl ManagerInfo {
fn check_dyn(&mut self, daemon: &MagiskD, user: i32, pkg: &str) -> Status {
let mut arr = Utf8CStrBufArr::default();
let apk = FsPathBuf::new(&mut arr)
.join(daemon.app_data_dir())
.join_fmt(user)
.join(pkg)
.join("dyn")
.join("current.apk");
let apk = cstr::buf::default()
.join_path(daemon.app_data_dir())
.join_path_fmt(user)
.join_path(pkg)
.join_path("dyn")
.join_path("current.apk");
let uid: i32;
let cert = match apk.open(O_RDONLY | O_CLOEXEC) {
Ok(mut fd) => {
@@ -270,16 +262,15 @@ impl ManagerInfo {
}
self.repackaged_app_id = to_app_id(uid);
self.tracked_files.insert(user, TrackedFile::new(apk));
self.tracked_files
.insert(user, TrackedFile::new(apk.to_owned()));
Status::Installed
}
fn check_stub(&mut self, user: i32, pkg: &str) -> Status {
let mut arr = Utf8CStrBufArr::default();
if find_apk_path(pkg, &mut arr).is_err() {
let Ok(apk) = find_apk_path(pkg) else {
return Status::NotInstalled;
}
let apk = FsPath::from(&arr);
};
let cert = match apk.open(O_RDONLY | O_CLOEXEC) {
Ok(mut fd) => read_certificate(&mut fd, -1),
@@ -288,7 +279,7 @@ impl ManagerInfo {
if cert.is_empty() || (pkg == self.repackaged_pkg && cert != self.repackaged_cert) {
error!("pkg: repackaged APK signature invalid: {}", apk);
uninstall_pkg(apk);
uninstall_pkg(&apk);
return Status::CertMismatch;
}
@@ -300,11 +291,9 @@ impl ManagerInfo {
}
fn check_orig(&mut self, user: i32) -> Status {
let mut arr = Utf8CStrBufArr::default();
if find_apk_path(APP_PACKAGE_NAME, &mut arr).is_err() {
let Ok(apk) = find_apk_path(APP_PACKAGE_NAME) else {
return Status::NotInstalled;
}
let apk = FsPath::from(&arr);
};
let cert = match apk.open(O_RDONLY | O_CLOEXEC) {
Ok(mut fd) => read_certificate(&mut fd, MAGISK_VER_CODE),
@@ -330,12 +319,9 @@ impl ManagerInfo {
let tmp_apk = cstr!("/data/stub.apk");
let result: LoggedResult<()> = try {
{
let mut tmp_fd = File::from(open_fd!(
tmp_apk,
O_WRONLY | O_CREAT | O_TRUNC | O_CLOEXEC,
0o600
)?);
io::copy(stub_fd, &mut tmp_fd)?;
let mut tmp_apk_file =
tmp_apk.create(O_WRONLY | O_CREAT | O_TRUNC | O_CLOEXEC, 0o600)?;
io::copy(stub_fd, &mut tmp_apk_file)?;
}
// Seek the fd back to start
stub_fd.seek(SeekFrom::Start(0))?;
@@ -358,14 +344,14 @@ impl ManagerInfo {
&& file.is_same()
{
// no APK
if file.path == Path::new("/data/system/packages.xml") {
if install {
if &file.path == PACKAGES_XML {
if install && !daemon.is_emulator {
self.install_stub();
}
return (-1, "");
}
// dyn APK is still the same
if file.path.starts_with(daemon.app_data_dir()) {
if file.path.starts_with(daemon.app_data_dir().as_str()) {
return (
user * AID_USER_OFFSET + self.repackaged_app_id,
&self.repackaged_pkg,
@@ -404,7 +390,7 @@ impl ManagerInfo {
)
} else {
(-1, "")
}
};
}
Status::NotInstalled => {
daemon.rm_db_string(DbEntryKey::SuManager).ok();
@@ -434,9 +420,9 @@ impl ManagerInfo {
// If we cannot find any manager, track packages.xml for new package installs
self.tracked_files
.insert(user, TrackedFile::new("/data/system/packages.xml"));
.insert(user, TrackedFile::new(PACKAGES_XML.into()));
if install {
if install && !daemon.is_emulator {
self.install_stub();
}
(-1, "")
@@ -445,11 +431,10 @@ impl ManagerInfo {
impl MagiskD {
fn get_package_uid(&self, user: i32, pkg: &str) -> i32 {
let mut arr = Utf8CStrBufArr::default();
let path = FsPathBuf::new(&mut arr)
.join(self.app_data_dir())
.join_fmt(user)
.join(pkg);
let path = cstr::buf::default()
.join_path(self.app_data_dir())
.join_path_fmt(user)
.join_path(pkg);
path.get_attr()
.map(|attr| attr.st.st_uid as i32)
.unwrap_or(-1)
@@ -458,29 +443,84 @@ impl MagiskD {
pub fn preserve_stub_apk(&self) {
let mut info = self.manager_info.lock().unwrap();
let mut arr = Utf8CStrBufArr::default();
let apk = FsPathBuf::new(&mut arr)
.join(get_magisk_tmp())
.join("stub.apk");
let apk = cstr::buf::default()
.join_path(get_magisk_tmp())
.join_path("stub.apk");
if let Ok(mut fd) = apk.open(O_RDONLY | O_CLOEXEC) {
info.trusted_cert = read_certificate(&mut fd, MAGISK_VER_CODE);
// Seek the fd back to start
fd.seek(SeekFrom::Start(0)).log().ok();
fd.seek(SeekFrom::Start(0)).log_ok();
info.stub_apk_fd = Some(fd);
}
apk.remove().log().ok();
apk.remove().log_ok();
}
pub fn get_manager_uid(&self, user: i32) -> i32 {
let mut info = self.manager_info.lock().unwrap();
let (uid, _) = info.get_manager(self, user, false);
uid
}
pub fn get_manager(&self, user: i32, install: bool) -> (i32, String) {
let mut info = self.manager_info.lock().unwrap();
let (uid, pkg) = info.get_manager(self, user, install);
(uid, pkg.to_string())
}
pub fn ensure_manager(&self) {
let mut info = self.manager_info.lock().unwrap();
let _ = info.get_manager(self, 0, true);
}
pub unsafe fn get_manager_for_cxx(&self, user: i32, ptr: *mut CxxString, install: bool) -> i32 {
let mut info = self.manager_info.lock().unwrap();
let (uid, pkg) = info.get_manager(self, user, install);
if let Some(str) = ptr.as_mut() {
let mut str = Pin::new_unchecked(str);
str.as_mut().clear();
str.push_str(pkg);
unsafe {
let mut info = self.manager_info.lock().unwrap();
let (uid, pkg) = info.get_manager(self, user, install);
if let Some(str) = ptr.as_mut() {
let mut str = Pin::new_unchecked(str);
str.as_mut().clear();
str.push_str(pkg);
}
uid
}
uid
}
// app_id = app_no + AID_APP_START
// app_no range: [0, 9999]
pub fn get_app_no_list(&self) -> BitSet {
let mut list = BitSet::new();
let _: LoggedResult<()> = try {
let mut app_data_dir = Directory::open(self.app_data_dir())?;
// For each user
loop {
let entry = match app_data_dir.read()? {
None => break,
Some(e) => e,
};
let mut user_dir = match entry.open_as_dir() {
Err(_) => continue,
Ok(dir) => dir,
};
// For each package
loop {
match user_dir.read()? {
None => break,
Some(e) => {
let mut entry_path = cstr::buf::default();
e.resolve_path(&mut entry_path)?;
let attr = entry_path.get_attr()?;
let app_id = to_app_id(attr.st.st_uid as i32);
if (AID_APP_START..=AID_APP_END).contains(&app_id) {
let app_no = app_id - AID_APP_START;
list.insert(app_no as usize);
}
}
}
}
}
};
list
}
}

131
native/src/core/resetprop/persist.rs
View File

@@ -9,28 +9,19 @@ use std::{
use quick_protobuf::{BytesReader, MessageRead, MessageWrite, Writer};
use crate::ffi::{PropCb, prop_cb_exec};
use crate::resetprop::proto::persistent_properties::{
PersistentProperties, mod_PersistentProperties::PersistentPropertyRecord,
};
use base::const_format::concatcp;
use base::libc::{O_CLOEXEC, O_RDONLY};
use base::{
clone_attr, cstr, debug, libc::mkstemp, Directory, FsPath, FsPathBuf, LibcReturn, LoggedResult,
MappedFile, SilentResultExt, Utf8CStr, Utf8CStrBufArr, WalkResult,
Directory, FsPathBuilder, LibcReturn, LoggedResult, MappedFile, SilentResultExt, Utf8CStr,
Utf8CStrBuf, WalkResult, clone_attr, cstr, debug, libc::mkstemp,
};
use crate::ffi::{prop_cb_exec, PropCb};
use crate::resetprop::proto::persistent_properties::{
mod_PersistentProperties::PersistentPropertyRecord, PersistentProperties,
};
macro_rules! PERSIST_PROP_DIR {
() => {
"/data/property"
};
}
macro_rules! PERSIST_PROP {
() => {
concat!(PERSIST_PROP_DIR!(), "/persistent_properties")
};
}
const PERSIST_PROP_DIR: &str = "/data/property";
const PERSIST_PROP: &str = concatcp!(PERSIST_PROP_DIR, "/persistent_properties");
trait PropCbExec {
fn exec(&mut self, name: &Utf8CStr, value: &Utf8CStr);
@@ -73,14 +64,13 @@ impl PropExt for PersistentProperties {
}
fn check_proto() -> bool {
FsPath::from(cstr!(PERSIST_PROP!())).exists()
cstr!(PERSIST_PROP).exists()
}
fn file_get_prop(name: &Utf8CStr) -> LoggedResult<String> {
let mut buf = Utf8CStrBufArr::default();
let path = FsPathBuf::new(&mut buf)
.join(PERSIST_PROP_DIR!())
.join(name);
let path = cstr::buf::default()
.join_path(PERSIST_PROP_DIR)
.join_path(name);
let mut file = path.open(O_RDONLY | O_CLOEXEC).silent()?;
debug!("resetprop: read prop from [{}]", path);
let mut s = String::new();
@@ -89,24 +79,23 @@ fn file_get_prop(name: &Utf8CStr) -> LoggedResult<String> {
}
fn file_set_prop(name: &Utf8CStr, value: Option<&Utf8CStr>) -> LoggedResult<()> {
let mut buf = Utf8CStrBufArr::default();
let path = FsPathBuf::new(&mut buf)
.join(PERSIST_PROP_DIR!())
.join(name);
let path = cstr::buf::default()
.join_path(PERSIST_PROP_DIR)
.join_path(name);
if let Some(value) = value {
let mut buf = Utf8CStrBufArr::default();
let mut tmp = FsPathBuf::new(&mut buf)
.join(PERSIST_PROP_DIR!())
.join("prop.XXXXXX");
let mut tmp = cstr::buf::default()
.join_path(PERSIST_PROP_DIR)
.join_path("prop.XXXXXX");
{
let mut f = unsafe {
let fd = mkstemp(tmp.as_mut_ptr()).check_os_err()?;
File::from_raw_fd(fd)
mkstemp(tmp.as_mut_ptr())
.as_os_result("mkstemp", None, None)
.map(|fd| File::from_raw_fd(fd))?
};
f.write_all(value.as_bytes())?;
}
debug!("resetprop: write prop to [{}]", tmp);
tmp.rename_to(path)?
tmp.rename_to(&path)?
} else {
path.remove().silent()?;
debug!("resetprop: unlink [{}]", path);
@@ -115,8 +104,8 @@ fn file_set_prop(name: &Utf8CStr, value: Option<&Utf8CStr>) -> LoggedResult<()>
}
fn proto_read_props() -> LoggedResult<PersistentProperties> {
debug!("resetprop: decode with protobuf [{}]", PERSIST_PROP!());
let m = MappedFile::open(cstr!(PERSIST_PROP!()))?;
debug!("resetprop: decode with protobuf [{}]", PERSIST_PROP);
let m = MappedFile::open(cstr!(PERSIST_PROP))?;
let m = m.as_ref();
let mut r = BytesReader::from_bytes(m);
let mut props = PersistentProperties::from_reader(&mut r, m)?;
@@ -126,29 +115,29 @@ fn proto_read_props() -> LoggedResult<PersistentProperties> {
}
fn proto_write_props(props: &PersistentProperties) -> LoggedResult<()> {
let mut buf = Utf8CStrBufArr::default();
let mut tmp = FsPathBuf::new(&mut buf).join(concat!(PERSIST_PROP!(), ".XXXXXX"));
let mut tmp = cstr::buf::default().join_path(concatcp!(PERSIST_PROP, ".XXXXXX"));
{
let f = unsafe {
let fd = mkstemp(tmp.as_mut_ptr()).check_os_err()?;
File::from_raw_fd(fd)
mkstemp(tmp.as_mut_ptr())
.as_os_result("mkstemp", None, None)
.map(|fd| File::from_raw_fd(fd))?
};
debug!("resetprop: encode with protobuf [{}]", tmp);
props.write_message(&mut Writer::new(BufWriter::new(f)))?;
}
clone_attr(FsPath::from(cstr!(PERSIST_PROP!())), &tmp)?;
tmp.rename_to(cstr!(PERSIST_PROP!()))?;
clone_attr(cstr!(PERSIST_PROP), &tmp)?;
tmp.rename_to(cstr!(PERSIST_PROP))?;
Ok(())
}
pub unsafe fn persist_get_prop(name: &Utf8CStr, prop_cb: Pin<&mut PropCb>) {
fn inner(name: &Utf8CStr, mut prop_cb: Pin<&mut PropCb>) -> LoggedResult<()> {
pub fn persist_get_prop(name: &Utf8CStr, mut prop_cb: Pin<&mut PropCb>) {
let res: LoggedResult<()> = try {
if check_proto() {
let mut props = proto_read_props()?;
let prop = props.find(name)?;
if let PersistentPropertyRecord {
name: Some(ref mut n),
value: Some(ref mut v),
name: Some(n),
value: Some(v),
} = prop
{
prop_cb.exec(Utf8CStr::from_string(n), Utf8CStr::from_string(v));
@@ -158,59 +147,55 @@ pub unsafe fn persist_get_prop(name: &Utf8CStr, prop_cb: Pin<&mut PropCb>) {
prop_cb.exec(name, Utf8CStr::from_string(&mut value));
debug!("resetprop: found prop [{}] = [{}]", name, value);
}
Ok(())
}
inner(name, prop_cb).ok();
};
res.ok();
}
pub unsafe fn persist_get_props(prop_cb: Pin<&mut PropCb>) {
fn inner(mut prop_cb: Pin<&mut PropCb>) -> LoggedResult<()> {
pub fn persist_get_props(mut prop_cb: Pin<&mut PropCb>) {
let res: LoggedResult<()> = try {
if check_proto() {
let mut props = proto_read_props()?;
props.iter_mut().for_each(|prop| {
if let PersistentPropertyRecord {
name: Some(ref mut n),
value: Some(ref mut v),
name: Some(n),
value: Some(v),
} = prop
{
prop_cb.exec(Utf8CStr::from_string(n), Utf8CStr::from_string(v));
}
});
} else {
let mut dir = Directory::open(cstr!(PERSIST_PROP_DIR!()))?;
let mut dir = Directory::open(cstr!(PERSIST_PROP_DIR))?;
dir.pre_order_walk(|e| {
if e.is_file() {
if let Ok(name) = Utf8CStr::from_cstr(e.d_name()) {
if let Ok(mut value) = file_get_prop(name) {
prop_cb.exec(name, Utf8CStr::from_string(&mut value));
}
if let Ok(mut value) = file_get_prop(e.name()) {
prop_cb.exec(e.name(), Utf8CStr::from_string(&mut value));
}
}
// Do not traverse recursively
Ok(WalkResult::Skip)
})?;
}
Ok(())
}
inner(prop_cb).ok();
};
res.ok();
}
pub unsafe fn persist_delete_prop(name: &Utf8CStr) -> bool {
fn inner(name: &Utf8CStr) -> LoggedResult<()> {
pub fn persist_delete_prop(name: &Utf8CStr) -> bool {
let res: LoggedResult<()> = try {
if check_proto() {
let mut props = proto_read_props()?;
let idx = props.find_index(name).silent()?;
props.remove(idx);
proto_write_props(&props)
proto_write_props(&props)?;
} else {
file_set_prop(name, None)
file_set_prop(name, None)?;
}
}
inner(name).is_ok()
};
res.is_ok()
}
pub unsafe fn persist_set_prop(name: &Utf8CStr, value: &Utf8CStr) -> bool {
unsafe fn inner(name: &Utf8CStr, value: &Utf8CStr) -> LoggedResult<()> {
pub fn persist_set_prop(name: &Utf8CStr, value: &Utf8CStr) -> bool {
let res: LoggedResult<()> = try {
if check_proto() {
let mut props = proto_read_props()?;
match props.find_index(name) {
@@ -223,10 +208,10 @@ pub unsafe fn persist_set_prop(name: &Utf8CStr, value: &Utf8CStr) -> bool {
},
),
}
proto_write_props(&props)
proto_write_props(&props)?;
} else {
file_set_prop(name, Some(value))
file_set_prop(name, Some(value))?;
}
}
inner(name, value).is_ok()
};
res.is_ok()
}

26
native/src/core/scripting.cpp
View File

@@ -4,7 +4,6 @@
#include <consts.hpp>
#include <base.hpp>
#include <selinux.hpp>
#include <core.hpp>
using namespace std;
@@ -26,7 +25,7 @@ static void set_script_env() {
char new_path[4096];
ssprintf(new_path, sizeof(new_path), "%s:%s", getenv("PATH"), get_magisk_tmp());
setenv("PATH", new_path, 1);
if (zygisk_enabled)
if (MagiskD::Get().zygisk_enabled())
setenv("ZYGISK_ENABLED", "1", 1);
};
@@ -75,10 +74,10 @@ if (pfs) { \
exit(0); \
}
void exec_common_scripts(const char *stage) {
LOGI("* Running %s.d scripts\n", stage);
void exec_common_scripts(rust::Utf8CStr stage) {
LOGI("* Running %s.d scripts\n", stage.c_str());
char path[4096];
char *name = path + sprintf(path, SECURE_DIR "/%s.d", stage);
char *name = path + sprintf(path, SECURE_DIR "/%s.d", stage.c_str());
auto dir = xopen_dir(path);
if (!dir) return;
@@ -97,7 +96,7 @@ void exec_common_scripts(const char *stage) {
if (entry->d_type == DT_REG) {
if (faccessat(dfd, entry->d_name, X_OK, 0) != 0)
continue;
LOGI("%s.d: exec [%s]\n", stage, entry->d_name);
LOGI("%s.d: exec [%s]\n", stage.c_str(), entry->d_name);
strcpy(name, entry->d_name);
exec_t exec {
.pre_exec = set_script_env,
@@ -117,12 +116,12 @@ static bool operator>(const timespec &a, const timespec &b) {
return a.tv_nsec > b.tv_nsec;
}
void exec_module_scripts(const char *stage, const vector<string_view> &modules) {
LOGI("* Running module %s scripts\n", stage);
if (modules.empty())
void exec_module_scripts(rust::Utf8CStr stage, const rust::Vec<ModuleInfo> &module_list) {
LOGI("* Running module %s scripts\n", stage.c_str());
if (module_list.empty())
return;
bool pfs = stage == "post-fs-data"sv;
bool pfs = (string_view) stage == "post-fs-data";
if (pfs) {
timespec now{};
clock_gettime(CLOCK_MONOTONIC, &now);
@@ -134,12 +133,11 @@ void exec_module_scripts(const char *stage, const vector<string_view> &modules)
PFS_SETUP()
char path[4096];
for (auto &m : modules) {
const char *module = m.data();
sprintf(path, MODULEROOT "/%s/%s.sh", module, stage);
for (auto &m : module_list) {
sprintf(path, MODULEROOT "/%.*s/%s.sh", (int) m.name.size(), m.name.data(), stage.c_str());
if (access(path, F_OK) == -1)
continue;
LOGI("%s: exec [%s.sh]\n", module, stage);
LOGI("%.*s: exec [%s.sh]\n", (int) m.name.size(), m.name.data(), stage.c_str());
exec_t exec {
.pre_exec = set_script_env,
.fork = pfs ? xfork : fork_dont_care

139
native/src/core/selinux.cpp
View File

@@ -1,139 +0,0 @@
#include <unistd.h>
#include <sys/syscall.h>
#include <sys/xattr.h>
#include <consts.hpp>
#include <base.hpp>
#include <selinux.hpp>
#include <core.hpp>
#include <flags.h>
using namespace std;
int setcon(const char *con) {
int fd = open("/proc/self/attr/current", O_WRONLY | O_CLOEXEC);
if (fd < 0)
return fd;
size_t len = strlen(con) + 1;
int rc = write(fd, con, len);
close(fd);
return rc != len;
}
int getfilecon(const char *path, byte_data con) {
return syscall(__NR_getxattr, path, XATTR_NAME_SELINUX, con.buf(), con.sz());
}
int lgetfilecon(const char *path, byte_data con) {
return syscall(__NR_lgetxattr, path, XATTR_NAME_SELINUX, con.buf(), con.sz());
}
int fgetfilecon(int fd, byte_data con) {
return syscall(__NR_fgetxattr, fd, XATTR_NAME_SELINUX, con.buf(), con.sz());
}
int setfilecon(const char *path, const char *con) {
return syscall(__NR_setxattr, path, XATTR_NAME_SELINUX, con, strlen(con) + 1, 0);
}
int lsetfilecon(const char *path, const char *con) {
return syscall(__NR_lsetxattr, path, XATTR_NAME_SELINUX, con, strlen(con) + 1, 0);
}
int fsetfilecon(int fd, const char *con) {
return syscall(__NR_fsetxattr, fd, XATTR_NAME_SELINUX, con, strlen(con) + 1, 0);
}
int getfilecon_at(int dirfd, const char *name, byte_data con) {
char path[4096];
fd_pathat(dirfd, name, path, sizeof(path));
return lgetfilecon(path, con);
}
void setfilecon_at(int dirfd, const char *name, const char *con) {
char path[4096];
fd_pathat(dirfd, name, path, sizeof(path));
lsetfilecon(path, con);
}
#define UNLABEL_CON "u:object_r:unlabeled:s0"
#define SYSTEM_CON "u:object_r:system_file:s0"
#define ADB_CON "u:object_r:adb_data_file:s0"
#define ROOT_CON "u:object_r:rootfs:s0"
static void restore_syscon_from_null(int dirfd) {
struct dirent *entry;
char con[1024];
if (fgetfilecon(dirfd, { con, sizeof(con) }) >= 0) {
if (con[0] == '\0' || strcmp(con, UNLABEL_CON) == 0)
fsetfilecon(dirfd, SYSTEM_CON);
}
auto dir = xopen_dir(dirfd);
while ((entry = xreaddir(dir.get()))) {
int fd = openat(dirfd, entry->d_name, O_RDONLY | O_CLOEXEC);
if (entry->d_type == DT_DIR) {
restore_syscon_from_null(fd);
continue;
} else if (entry->d_type == DT_REG) {
if (fgetfilecon(fd, { con, sizeof(con) }) >= 0) {
if (con[0] == '\0' || strcmp(con, UNLABEL_CON) == 0)
fsetfilecon(fd, SYSTEM_CON);
}
} else if (entry->d_type == DT_LNK) {
if (getfilecon_at(dirfd, entry->d_name, { con, sizeof(con) }) >= 0) {
if (con[0] == '\0' || strcmp(con, UNLABEL_CON) == 0)
setfilecon_at(dirfd, entry->d_name, SYSTEM_CON);
}
}
close(fd);
}
}
static void restore_syscon(int dirfd) {
struct dirent *entry;
fsetfilecon(dirfd, SYSTEM_CON);
fchown(dirfd, 0, 0);
auto dir = xopen_dir(dirfd);
while ((entry = xreaddir(dir.get()))) {
int fd = xopenat(dirfd, entry->d_name, O_RDONLY | O_CLOEXEC);
if (entry->d_type == DT_DIR) {
restore_syscon(fd);
continue;
} else if (entry->d_type) {
fsetfilecon(fd, SYSTEM_CON);
fchown(fd, 0, 0);
}
close(fd);
}
}
void restorecon() {
int fd = xopen("/sys/fs/selinux/context", O_WRONLY | O_CLOEXEC);
if (write(fd, ADB_CON, sizeof(ADB_CON)) >= 0)
lsetfilecon(SECURE_DIR, ADB_CON);
close(fd);
lsetfilecon(MODULEROOT, SYSTEM_CON);
restore_syscon_from_null(xopen(MODULEROOT, O_RDONLY | O_CLOEXEC));
restore_syscon(xopen(DATABIN, O_RDONLY | O_CLOEXEC));
}
void restore_tmpcon() {
const char *tmp = get_magisk_tmp();
if (tmp == "/sbin"sv)
setfilecon(tmp, ROOT_CON);
else
chmod(tmp, 0711);
auto dir = xopen_dir(tmp);
int dfd = dirfd(dir.get());
for (dirent *entry; (entry = xreaddir(dir.get()));)
setfilecon_at(dfd, entry->d_name, SYSTEM_CON);
string logd = tmp + "/"s LOG_PIPE;
setfilecon(logd.data(), MAGISK_LOG_CON);
}

108
native/src/core/selinux.rs Normal file
View File

@@ -0,0 +1,108 @@
use crate::consts::{DATABIN, LOG_PIPE, MAGISK_LOG_CON, MODULEROOT, SECURE_DIR};
use crate::ffi::get_magisk_tmp;
use base::libc::{O_CLOEXEC, O_WRONLY};
use base::{Directory, FsPathBuilder, LoggedResult, ResultExt, Utf8CStr, Utf8CStrBuf, cstr, libc};
use std::io::Write;
const UNLABEL_CON: &Utf8CStr = cstr!("u:object_r:unlabeled:s0");
const SYSTEM_CON: &Utf8CStr = cstr!("u:object_r:system_file:s0");
const ADB_CON: &Utf8CStr = cstr!("u:object_r:adb_data_file:s0");
const ROOT_CON: &Utf8CStr = cstr!("u:object_r:rootfs:s0");
fn restore_syscon_from_unlabeled(
path: &mut dyn Utf8CStrBuf,
con: &mut dyn Utf8CStrBuf,
) -> LoggedResult<()> {
let dir_path_len = path.len();
if path.get_secontext(con).log().is_ok() && con.as_str() == UNLABEL_CON {
path.set_secontext(SYSTEM_CON)?;
}
let mut dir = Directory::open(path)?;
while let Some(ref e) = dir.read()? {
path.truncate(dir_path_len);
path.append_path(e.name());
if e.is_dir() {
restore_syscon_from_unlabeled(path, con)?;
} else if (e.is_file() || e.is_symlink())
&& path.get_secontext(con).log().is_ok()
&& con.as_str() == UNLABEL_CON
{
path.set_secontext(SYSTEM_CON)?;
}
}
Ok(())
}
fn restore_syscon(path: &mut dyn Utf8CStrBuf) -> LoggedResult<()> {
let dir_path_len = path.len();
path.set_secontext(SYSTEM_CON)?;
unsafe { libc::lchown(path.as_ptr(), 0, 0) };
let mut dir = Directory::open(path)?;
while let Some(ref e) = dir.read()? {
path.truncate(dir_path_len);
path.append_path(e.name());
if e.is_dir() {
restore_syscon(path)?;
} else if e.is_file() || e.is_symlink() {
path.set_secontext(SYSTEM_CON)?;
unsafe { libc::lchown(path.as_ptr(), 0, 0) };
}
}
Ok(())
}
pub(crate) fn restorecon() {
if let Ok(mut file) = cstr!("/sys/fs/selinux/context")
.open(O_WRONLY | O_CLOEXEC)
.log()
{
if file.write_all(ADB_CON.as_bytes_with_nul()).is_ok() {
cstr!(SECURE_DIR).set_secontext(ADB_CON).log_ok();
}
}
let mut path = cstr::buf::default();
let mut con = cstr::buf::new::<1024>();
path.push_str(MODULEROOT);
path.set_secontext(SYSTEM_CON).log_ok();
restore_syscon_from_unlabeled(&mut path, &mut con).log_ok();
path.clear();
path.push_str(DATABIN);
restore_syscon(&mut path).log_ok();
}
pub(crate) fn restore_tmpcon() -> LoggedResult<()> {
let tmp = get_magisk_tmp();
if tmp == "/sbin" {
tmp.set_secontext(ROOT_CON)?;
} else {
unsafe { libc::chmod(tmp.as_ptr(), 0o711) };
}
let mut path = cstr::buf::default();
let mut dir = Directory::open(tmp)?;
while let Some(ref e) = dir.read()? {
e.resolve_path(&mut path)?;
path.set_secontext(SYSTEM_CON)?;
}
path.clear();
path.append_path(tmp).append_path(LOG_PIPE);
path.set_secontext(cstr!(MAGISK_LOG_CON))?;
Ok(())
}
pub(crate) fn lgetfilecon(path: &Utf8CStr, con: &mut [u8]) -> bool {
let mut con = cstr::buf::wrap(con);
path.get_secontext(&mut con).is_ok()
}
pub(crate) fn setfilecon(path: &Utf8CStr, con: &Utf8CStr) -> bool {
path.follow_link().set_secontext(con).is_ok()
}
pub(crate) fn lsetfilecon(path: &Utf8CStr, con: &Utf8CStr) -> bool {
path.set_secontext(con).is_ok()
}

188
native/src/core/socket.cpp
View File

@@ -1,188 +0,0 @@
#include <fcntl.h>
#include <endian.h>
#include <socket.hpp>
#include <base.hpp>
using namespace std;
bool get_client_cred(int fd, sock_cred *cred) {
socklen_t len = sizeof(ucred);
if (getsockopt(fd, SOL_SOCKET, SO_PEERCRED, cred, &len) != 0)
return false;
char buf[4096];
len = sizeof(buf);
if (getsockopt(fd, SOL_SOCKET, SO_PEERSEC, buf, &len) != 0)
len = 0;
buf[len] = '\0';
cred->context = buf;
return true;
}
static int send_fds(int sockfd, void *cmsgbuf, size_t bufsz, const int *fds, int cnt) {
iovec iov = {
.iov_base = &cnt,
.iov_len = sizeof(cnt),
};
msghdr msg = {
.msg_iov = &iov,
.msg_iovlen = 1,
};
if (cnt) {
msg.msg_control = cmsgbuf;
msg.msg_controllen = bufsz;
cmsghdr *cmsg = CMSG_FIRSTHDR(&msg);
cmsg->cmsg_len = CMSG_LEN(sizeof(int) * cnt);
cmsg->cmsg_level = SOL_SOCKET;
cmsg->cmsg_type = SCM_RIGHTS;
memcpy(CMSG_DATA(cmsg), fds, sizeof(int) * cnt);
}
return xsendmsg(sockfd, &msg, 0);
}
int send_fds(int sockfd, const int *fds, int cnt) {
if (cnt == 0) {
return send_fds(sockfd, nullptr, 0, nullptr, 0);
}
vector<char> cmsgbuf;
cmsgbuf.resize(CMSG_SPACE(sizeof(int) * cnt));
return send_fds(sockfd, cmsgbuf.data(), cmsgbuf.size(), fds, cnt);
}
int send_fd(int sockfd, int fd) {
if (fd < 0) {
return send_fds(sockfd, nullptr, 0, nullptr, 0);
}
char cmsgbuf[CMSG_SPACE(sizeof(int))];
return send_fds(sockfd, cmsgbuf, sizeof(cmsgbuf), &fd, 1);
}
static void *recv_fds(int sockfd, char *cmsgbuf, size_t bufsz, int cnt) {
iovec iov = {
.iov_base = &cnt,
.iov_len = sizeof(cnt),
};
msghdr msg = {
.msg_iov = &iov,
.msg_iovlen = 1,
.msg_control = cmsgbuf,
.msg_controllen = bufsz
};
xrecvmsg(sockfd, &msg, MSG_WAITALL);
if (msg.msg_controllen != bufsz) {
LOGE("recv_fd: msg_flags = %d, msg_controllen(%zu) != %zu\n",
msg.msg_flags, msg.msg_controllen, bufsz);
return nullptr;
}
cmsghdr *cmsg = CMSG_FIRSTHDR(&msg);
if (cmsg == nullptr) {
LOGE("recv_fd: cmsg == nullptr\n");
return nullptr;
}
if (cmsg->cmsg_len != CMSG_LEN(sizeof(int) * cnt)) {
LOGE("recv_fd: cmsg_len(%zu) != %zu\n", cmsg->cmsg_len, CMSG_LEN(sizeof(int) * cnt));
return nullptr;
}
if (cmsg->cmsg_level != SOL_SOCKET) {
LOGE("recv_fd: cmsg_level != SOL_SOCKET\n");
return nullptr;
}
if (cmsg->cmsg_type != SCM_RIGHTS) {
LOGE("recv_fd: cmsg_type != SCM_RIGHTS\n");
return nullptr;
}
return CMSG_DATA(cmsg);
}
vector<int> recv_fds(int sockfd) {
vector<int> results;
// Peek fd count to allocate proper buffer
int cnt;
recv(sockfd, &cnt, sizeof(cnt), MSG_PEEK);
if (cnt == 0) {
// Consume data
recv(sockfd, &cnt, sizeof(cnt), MSG_WAITALL);
return results;
}
vector<char> cmsgbuf;
cmsgbuf.resize(CMSG_SPACE(sizeof(int) * cnt));
void *data = recv_fds(sockfd, cmsgbuf.data(), cmsgbuf.size(), cnt);
if (data == nullptr)
return results;
results.resize(cnt);
memcpy(results.data(), data, sizeof(int) * cnt);
return results;
}
int recv_fd(int sockfd) {
// Peek fd count
int cnt;
recv(sockfd, &cnt, sizeof(cnt), MSG_PEEK);
if (cnt == 0) {
// Consume data
recv(sockfd, &cnt, sizeof(cnt), MSG_WAITALL);
return -1;
}
char cmsgbuf[CMSG_SPACE(sizeof(int))];
void *data = recv_fds(sockfd, cmsgbuf, sizeof(cmsgbuf), 1);
if (data == nullptr)
return -1;
int result;
memcpy(&result, data, sizeof(int));
return result;
}
int read_int(int fd) {
int val;
if (xxread(fd, &val, sizeof(val)) != sizeof(val))
return -1;
return val;
}
int read_int_be(int fd) {
return ntohl(read_int(fd));
}
void write_int(int fd, int val) {
if (fd < 0) return;
xwrite(fd, &val, sizeof(val));
}
void write_int_be(int fd, int val) {
write_int(fd, htonl(val));
}
bool read_string(int fd, std::string &str) {
int len = read_int(fd);
str.clear();
if (len < 0)
return false;
str.resize(len);
return xxread(fd, str.data(), len) == len;
}
string read_string(int fd) {
string str;
read_string(fd, str);
return str;
}
void write_string(int fd, string_view str) {
if (fd < 0) return;
write_int(fd, str.size());
xwrite(fd, str.data(), str.size());
}

257
native/src/core/socket.rs Normal file
View File

@@ -0,0 +1,257 @@
use base::{ReadExt, ResultExt, WriteExt, libc, warn};
use bytemuck::{Zeroable, bytes_of, bytes_of_mut};
use std::io;
use std::io::{ErrorKind, IoSlice, IoSliceMut, Read, Write};
use std::mem::ManuallyDrop;
use std::os::fd::{FromRawFd, IntoRawFd, OwnedFd, RawFd};
use std::os::unix::net::{AncillaryData, SocketAncillary, UnixStream};
pub trait Encodable {
fn encoded_len(&self) -> usize;
fn encode(&self, w: &mut impl Write) -> io::Result<()>;
}
pub trait Decodable: Sized + Encodable {
fn decode(r: &mut impl Read) -> io::Result<Self>;
}
macro_rules! impl_pod_encodable {
($($t:ty)*) => ($(
impl Encodable for $t {
#[inline(always)]
fn encoded_len(&self) -> usize {
size_of::<Self>()
}
#[inline(always)]
fn encode(&self, w: &mut impl Write) -> io::Result<()> {
w.write_pod(self)
}
}
impl Decodable for $t {
#[inline(always)]
fn decode(r: &mut impl Read) -> io::Result<Self> {
let mut val = Self::zeroed();
r.read_pod(&mut val)?;
Ok(val)
}
}
)*)
}
impl_pod_encodable! { u8 u32 i32 usize }
impl Encodable for bool {
#[inline(always)]
fn encoded_len(&self) -> usize {
size_of::<u8>()
}
#[inline(always)]
fn encode(&self, w: &mut impl Write) -> io::Result<()> {
match *self {
true => 1u8.encode(w),
false => 0u8.encode(w),
}
}
}
impl Decodable for bool {
#[inline(always)]
fn decode(r: &mut impl Read) -> io::Result<Self> {
Ok(u8::decode(r)? != 0)
}
}
impl<T: Decodable> Encodable for Vec<T> {
fn encoded_len(&self) -> usize {
size_of::<i32>() + size_of::<T>() * self.len()
}
fn encode(&self, w: &mut impl Write) -> io::Result<()> {
(self.len() as i32).encode(w)?;
self.iter().try_for_each(|e| e.encode(w))
}
}
impl<T: Decodable> Decodable for Vec<T> {
fn decode(r: &mut impl Read) -> io::Result<Self> {
let len = i32::decode(r)?;
let mut val = Vec::with_capacity(len as usize);
for _ in 0..len {
val.push(T::decode(r)?);
}
Ok(val)
}
}
impl Encodable for str {
fn encoded_len(&self) -> usize {
size_of::<i32>() + self.len()
}
fn encode(&self, w: &mut impl Write) -> io::Result<()> {
(self.len() as i32).encode(w)?;
w.write_all(self.as_bytes())
}
}
impl Encodable for String {
fn encoded_len(&self) -> usize {
self.as_str().encoded_len()
}
fn encode(&self, w: &mut impl Write) -> io::Result<()> {
self.as_str().encode(w)
}
}
impl Decodable for String {
fn decode(r: &mut impl Read) -> io::Result<String> {
let len = i32::decode(r)?;
let mut val = String::with_capacity(len as usize);
r.take(len as u64).read_to_string(&mut val)?;
Ok(val)
}
}
pub trait IpcRead {
fn read_decodable<E: Decodable>(&mut self) -> io::Result<E>;
}
impl<T: Read> IpcRead for T {
#[inline(always)]
fn read_decodable<E: Decodable>(&mut self) -> io::Result<E> {
E::decode(self)
}
}
pub trait IpcWrite {
fn write_encodable<E: Encodable + ?Sized>(&mut self, val: &E) -> io::Result<()>;
}
impl<T: Write> IpcWrite for T {
#[inline(always)]
fn write_encodable<E: Encodable + ?Sized>(&mut self, val: &E) -> io::Result<()> {
val.encode(self)
}
}
pub trait UnixSocketExt {
fn send_fds(&mut self, fd: &[RawFd]) -> io::Result<()>;
fn recv_fd(&mut self) -> io::Result<Option<OwnedFd>>;
fn recv_fds(&mut self) -> io::Result<Vec<OwnedFd>>;
}
impl UnixSocketExt for UnixStream {
fn send_fds(&mut self, fds: &[RawFd]) -> io::Result<()> {
match fds.len() {
0 => self.write_pod(&0)?,
len => {
// 4k buffer is reasonable enough
let mut buf = [0u8; 4096];
let mut ancillary = SocketAncillary::new(&mut buf);
if !ancillary.add_fds(fds) {
return Err(ErrorKind::OutOfMemory.into());
}
let fd_count = len as i32;
let iov = IoSlice::new(bytes_of(&fd_count));
self.send_vectored_with_ancillary(&[iov], &mut ancillary)?;
}
};
Ok(())
}
fn recv_fd(&mut self) -> io::Result<Option<OwnedFd>> {
let mut fd_count = 0;
self.peek(bytes_of_mut(&mut fd_count))?;
if fd_count < 1 {
// Actually consume the data
self.read_pod(&mut fd_count)?;
return Ok(None);
}
if fd_count > 1 {
warn!(
"Received unexpected number of fds: expected=1 actual={}",
fd_count
);
}
// 4k buffer is reasonable enough
let mut buf = [0u8; 4096];
let mut ancillary = SocketAncillary::new(&mut buf);
let iov = IoSliceMut::new(bytes_of_mut(&mut fd_count));
self.recv_vectored_with_ancillary(&mut [iov], &mut ancillary)?;
for msg in ancillary.messages().flatten() {
if let AncillaryData::ScmRights(mut scm_rights) = msg {
// We only want the first one
let fd = if let Some(fd) = scm_rights.next() {
unsafe { OwnedFd::from_raw_fd(fd) }
} else {
return Ok(None);
};
// Close all others
for fd in scm_rights {
unsafe { libc::close(fd) };
}
return Ok(Some(fd));
}
}
Ok(None)
}
fn recv_fds(&mut self) -> io::Result<Vec<OwnedFd>> {
let mut fd_count = 0;
// 4k buffer is reasonable enough
let mut buf = [0u8; 4096];
let mut ancillary = SocketAncillary::new(&mut buf);
let iov = IoSliceMut::new(bytes_of_mut(&mut fd_count));
self.recv_vectored_with_ancillary(&mut [iov], &mut ancillary)?;
let mut fds: Vec<OwnedFd> = Vec::new();
for msg in ancillary.messages().flatten() {
if let AncillaryData::ScmRights(scm_rights) = msg {
fds = scm_rights
.map(|fd| unsafe { OwnedFd::from_raw_fd(fd) })
.collect();
}
}
if fd_count as usize != fds.len() {
warn!(
"Received unexpected number of fds: expected={} actual={}",
fd_count,
fds.len()
);
}
Ok(fds)
}
}
pub fn send_fd(socket: RawFd, fd: RawFd) -> bool {
let mut socket = ManuallyDrop::new(unsafe { UnixStream::from_raw_fd(socket) });
if fd < 0 {
socket.send_fds(&[]).log().is_ok()
} else {
socket.send_fds(&[fd]).log().is_ok()
}
}
pub fn send_fds(socket: RawFd, fds: &[RawFd]) -> bool {
let mut socket = ManuallyDrop::new(unsafe { UnixStream::from_raw_fd(socket) });
socket.send_fds(fds).log().is_ok()
}
pub fn recv_fd(socket: RawFd) -> RawFd {
let mut socket = ManuallyDrop::new(unsafe { UnixStream::from_raw_fd(socket) });
socket
.recv_fd()
.log()
.unwrap_or(None)
.map_or(-1, IntoRawFd::into_raw_fd)
}
pub fn recv_fds(socket: RawFd) -> Vec<RawFd> {
let mut socket = ManuallyDrop::new(unsafe { UnixStream::from_raw_fd(socket) });
let fds = socket.recv_fds().log().unwrap_or(Vec::new());
// SAFETY: OwnedFd and RawFd has the same layout
unsafe { std::mem::transmute(fds) }
}

27
native/src/core/sqlite.cpp
View File

@@ -165,15 +165,17 @@ int DbStatement::bind_text(int index, rust::Str val) {
return sqlite3_bind_text(reinterpret_cast<sqlite3_stmt*>(this), index, val.data(), val.size(), nullptr);
}
#define sql_chk_log(fn, ...) if (int rc = fn(__VA_ARGS__); rc != SQLITE_OK) { \
LOGE("sqlite3(line:%d): %s\n", __LINE__, sqlite3_errstr(rc)); \
return false; \
#define sql_chk_log_ret(ret, fn, ...) if (int rc = fn(__VA_ARGS__); rc != SQLITE_OK) { \
LOGE("sqlite3(line:%d): %s\n", __LINE__, sqlite3_errstr(rc)); \
return ret; \
}
static bool open_and_init_db_impl(sqlite3 **dbOut) {
#define sql_chk_log(fn, ...) sql_chk_log_ret(nullptr, fn, __VA_ARGS__)
sqlite3 *open_and_init_db() {
if (!load_sqlite()) {
LOGE("sqlite3: Cannot load libsqlite.so\n");
return false;
return nullptr;
}
unique_ptr<sqlite3, decltype(sqlite3_close)> db(nullptr, sqlite3_close);
@@ -192,9 +194,10 @@ static bool open_and_init_db_impl(sqlite3 **dbOut) {
};
sql_chk_log(sql_exec_impl, db.get(), "PRAGMA user_version", nullptr, nullptr, ver_cb, &ver);
if (ver > DB_VERSION) {
// Don't support downgrading database
// Don't support downgrading database, delete and retry
LOGE("sqlite3: Downgrading database is not supported\n");
return false;
unlink(MAGISKDB);
return open_and_init_db();
}
auto create_policy = [&] {
@@ -298,13 +301,7 @@ static bool open_and_init_db_impl(sqlite3 **dbOut) {
sql_chk_log(sql_exec_impl, db.get(), "PRAGMA user_version=" DB_VERSION_STR);
}
*dbOut = db.release();
return true;
}
sqlite3 *open_and_init_db() {
sqlite3 *db = nullptr;
return open_and_init_db_impl(&db) ? db : nullptr;
return db.release();
}
// Exported from Rust
@@ -332,7 +329,7 @@ bool db_exec(const char *sql, DbArgs args, db_exec_callback exec_fn) {
fn->operator()(columns, values);
};
}
sql_chk_log(sql_exec_rs, sql, bind_cb, &bind_fn, exec_cb, &exec_fn);
sql_chk_log_ret(false, sql_exec_rs, sql, bind_cb, &bind_fn, exec_cb, &exec_fn);
return true;
}

67
native/src/core/su/connect.cpp
View File

@@ -2,10 +2,8 @@
#include <sys/wait.h>
#include <base.hpp>
#include <selinux.hpp>
#include <consts.hpp>
#include "su.hpp"
#include <core.hpp>
using namespace std;
@@ -21,11 +19,6 @@ using namespace std;
// 0x18800020 = FLAG_ACTIVITY_NEW_TASK|FLAG_ACTIVITY_MULTIPLE_TASK|
// FLAG_ACTIVITY_EXCLUDE_FROM_RECENTS|FLAG_INCLUDE_STOPPED_PACKAGES
#define get_cmd(to) \
((to).command.empty() ? \
((to).shell.empty() ? DEFAULT_SHELL : (to).shell.data()) : \
(to).command.data())
class Extra {
const char *key;
enum {
@@ -128,14 +121,15 @@ static bool check_no_error(int fd) {
}
static void exec_cmd(const char *action, vector<Extra> &data,
const shared_ptr<su_info> &info, bool provider = true) {
const SuAppRequest &info, bool provider = true) {
char target[128];
char user[4];
ssprintf(user, sizeof(user), "%d", to_user_id(info->eval_uid));
ssprintf(user, sizeof(user), "%d", to_user_id(info.eval_uid));
// First try content provider call method
if (provider) {
ssprintf(target, sizeof(target), "content://%s.provider", info->mgr_pkg.data());
ssprintf(target, sizeof(target), "content://%.*s.provider",
(int) info.mgr_pkg.size(), info.mgr_pkg.data());
vector<const char *> args{ CALL_PROVIDER };
for (auto &e : data) {
e.add_bind(args);
@@ -153,7 +147,7 @@ static void exec_cmd(const char *action, vector<Extra> &data,
}
// Then try start activity with package name
strscpy(target, info->mgr_pkg.data(), sizeof(target));
ssprintf(target, sizeof(target), "%.*s", (int) info.mgr_pkg.size(), info.mgr_pkg.data());
vector<const char *> args{ START_ACTIVITY };
for (auto &e : data) {
e.add_intent(args);
@@ -168,53 +162,58 @@ static void exec_cmd(const char *action, vector<Extra> &data,
exec_command(exec);
}
void app_log(const su_context &ctx) {
void app_log(const SuAppRequest &info, SuPolicy policy, bool notify) {
if (fork_dont_care() == 0) {
string context = (string) info.request.context;
string command = info.request.command.empty()
? (string) info.request.shell
: (string) info.request.command;
vector<Extra> extras;
extras.reserve(9);
extras.emplace_back("from.uid", ctx.info->uid);
extras.emplace_back("to.uid", static_cast<int>(ctx.req.uid));
extras.emplace_back("pid", ctx.pid);
extras.emplace_back("policy", +ctx.info->access.policy);
extras.emplace_back("target", ctx.req.target);
extras.emplace_back("context", ctx.req.context.data());
extras.emplace_back("gids", &ctx.req.gids);
extras.emplace_back("command", get_cmd(ctx.req));
extras.emplace_back("notify", (bool) ctx.info->access.notify);
extras.emplace_back("from.uid", info.uid);
extras.emplace_back("to.uid", info.request.target_uid);
extras.emplace_back("pid", info.pid);
extras.emplace_back("policy", +policy);
extras.emplace_back("target", info.request.target_pid);
extras.emplace_back("context", context.data());
extras.emplace_back("gids", &info.request.gids);
extras.emplace_back("command", command.data());
extras.emplace_back("notify", notify);
exec_cmd("log", extras, ctx.info);
exec_cmd("log", extras, info);
exit(0);
}
}
void app_notify(const su_context &ctx) {
void app_notify(const SuAppRequest &info, SuPolicy policy) {
if (fork_dont_care() == 0) {
vector<Extra> extras;
extras.reserve(3);
extras.emplace_back("from.uid", ctx.info->uid);
extras.emplace_back("pid", ctx.pid);
extras.emplace_back("policy", +ctx.info->access.policy);
extras.emplace_back("from.uid", info.uid);
extras.emplace_back("pid", info.pid);
extras.emplace_back("policy", +policy);
exec_cmd("notify", extras, ctx.info);
exec_cmd("notify", extras, info);
exit(0);
}
}
int app_request(const su_context &ctx) {
int app_request(const SuAppRequest &info) {
// Create FIFO
char fifo[64];
ssprintf(fifo, sizeof(fifo), "%s/" INTLROOT "/su_request_%d", get_magisk_tmp(), ctx.pid);
ssprintf(fifo, sizeof(fifo), "%s/" INTLROOT "/su_request_%d", get_magisk_tmp(), info.pid);
mkfifo(fifo, 0600);
chown(fifo, ctx.info->mgr_uid, ctx.info->mgr_uid);
chown(fifo, info.mgr_uid, info.mgr_uid);
setfilecon(fifo, MAGISK_FILE_CON);
// Send request
vector<Extra> extras;
extras.reserve(3);
extras.emplace_back("fifo", fifo);
extras.emplace_back("uid", ctx.info->eval_uid);
extras.emplace_back("pid", ctx.pid);
exec_cmd("request", extras, ctx.info, false);
extras.emplace_back("uid", info.eval_uid);
extras.emplace_back("pid", info.pid);
exec_cmd("request", extras, info, false);
// Wait for data input for at most 70 seconds
// Open with O_RDWR to prevent FIFO open block

299
native/src/core/su/daemon.rs Normal file
View File

@@ -0,0 +1,299 @@
use crate::UCred;
use crate::daemon::{AID_ROOT, AID_SHELL, MagiskD, to_app_id, to_user_id};
use crate::db::{DbSettings, MultiuserMode, RootAccess};
use crate::ffi::{
SuAppRequest, SuPolicy, SuRequest, app_log, app_notify, app_request, exec_root_shell,
};
use crate::socket::IpcRead;
use crate::su::db::RootSettings;
use base::{LoggedResult, ResultExt, WriteExt, debug, error, exit_on_error, libc, warn};
use std::fs::File;
use std::os::fd::{FromRawFd, IntoRawFd};
use std::os::unix::net::UnixStream;
use std::sync::{Arc, Mutex};
use std::time::{Duration, Instant};
const DEFAULT_SHELL: &str = "/system/bin/sh";
impl Default for SuRequest {
fn default() -> Self {
SuRequest {
target_uid: AID_ROOT,
target_pid: -1,
login: false,
keep_env: false,
shell: DEFAULT_SHELL.to_string(),
command: "".to_string(),
context: "".to_string(),
gids: vec![],
}
}
}
pub struct SuInfo {
uid: i32,
eval_uid: i32,
cfg: DbSettings,
mgr_pkg: String,
mgr_uid: i32,
access: Mutex<AccessInfo>,
}
struct AccessInfo {
settings: RootSettings,
timestamp: Instant,
}
impl Default for SuInfo {
fn default() -> Self {
SuInfo {
uid: -1,
eval_uid: -1,
cfg: Default::default(),
mgr_pkg: Default::default(),
mgr_uid: -1,
access: Default::default(),
}
}
}
impl Default for AccessInfo {
fn default() -> Self {
AccessInfo {
settings: Default::default(),
timestamp: Instant::now(),
}
}
}
impl SuInfo {
fn allow(uid: i32) -> SuInfo {
let access = RootSettings {
policy: SuPolicy::Allow,
log: false,
notify: false,
};
SuInfo {
uid,
access: Mutex::new(AccessInfo::new(access)),
..Default::default()
}
}
fn deny(uid: i32) -> SuInfo {
let access = RootSettings {
policy: SuPolicy::Deny,
log: false,
notify: false,
};
SuInfo {
uid,
access: Mutex::new(AccessInfo::new(access)),
..Default::default()
}
}
}
impl AccessInfo {
fn new(settings: RootSettings) -> AccessInfo {
AccessInfo {
settings,
timestamp: Instant::now(),
}
}
fn is_fresh(&self) -> bool {
self.timestamp.elapsed() < Duration::from_secs(3)
}
fn refresh(&mut self) {
self.timestamp = Instant::now();
}
}
impl MagiskD {
pub fn su_daemon_handler(&self, client: i32, cred: &UCred) {
let cred = cred.0;
debug!(
"su: request from uid=[{}], pid=[{}], client=[{}]",
cred.uid, cred.pid, client
);
let mut client = unsafe { UnixStream::from_raw_fd(client) };
let mut req = match client.read_decodable::<SuRequest>().log() {
Ok(req) => req,
Err(_) => {
warn!("su: remote process probably died, abort");
client.write_pod(&SuPolicy::Deny.repr).ok();
return;
}
};
let info = self.get_su_info(cred.uid as i32);
let app_req = SuAppRequest {
uid: cred.uid as i32,
pid: cred.pid,
eval_uid: info.eval_uid,
mgr_pkg: &info.mgr_pkg,
mgr_uid: info.mgr_uid,
request: &req,
};
{
let mut access = info.access.lock().unwrap();
if access.settings.policy == SuPolicy::Query {
let fd = app_request(&app_req);
if fd < 0 {
access.settings.policy = SuPolicy::Deny;
} else {
let mut fd = unsafe { File::from_raw_fd(fd) };
access.settings.policy = SuPolicy {
repr: fd
.read_decodable::<i32>()
.log()
.map(i32::from_be)
.unwrap_or(SuPolicy::Deny.repr),
};
}
}
if access.settings.log {
app_log(&app_req, access.settings.policy, access.settings.notify);
} else if access.settings.notify {
app_notify(&app_req, access.settings.policy);
}
// Before unlocking, refresh the timestamp
access.refresh();
// Fail fast
if access.settings.policy == SuPolicy::Deny {
warn!("su: request rejected ({})", info.uid);
client.write_pod(&SuPolicy::Deny.repr).ok();
return;
}
}
// At this point, the root access is granted.
// Fork a child root process and monitor its exit value.
let child = unsafe { libc::fork() };
if child == 0 {
debug!("su: fork handler");
// Abort upon any error occurred
exit_on_error(true);
// ack
client.write_pod(&0).ok();
exec_root_shell(client.into_raw_fd(), cred.pid, &mut req, info.cfg.mnt_ns);
return;
}
if child < 0 {
error!("su: fork failed, abort");
return;
}
// Wait result
debug!("su: waiting child pid=[{}]", child);
let mut status = 0;
let code = unsafe {
if libc::waitpid(child, &mut status, 0) > 0 {
libc::WEXITSTATUS(status)
} else {
-1
}
};
debug!("su: return code=[{}]", code);
client.write_pod(&code).ok();
}
fn get_su_info(&self, uid: i32) -> Arc<SuInfo> {
if uid == AID_ROOT {
return Arc::new(SuInfo::allow(AID_ROOT));
}
let cached = self.cached_su_info.load();
if cached.uid == uid && cached.access.lock().unwrap().is_fresh() {
return cached;
}
let info = self.build_su_info(uid);
self.cached_su_info.store(info.clone());
info
}
fn build_su_info(&self, uid: i32) -> Arc<SuInfo> {
let result: LoggedResult<Arc<SuInfo>> = try {
let cfg = self.get_db_settings()?;
// Check multiuser settings
let eval_uid = match cfg.multiuser_mode {
MultiuserMode::OwnerOnly => {
if to_user_id(uid) != 0 {
return Arc::new(SuInfo::deny(uid));
}
uid
}
MultiuserMode::OwnerManaged => to_app_id(uid),
_ => uid,
};
// Check su access settings
match cfg.root_access {
RootAccess::Disabled => {
warn!("Root access is disabled!");
return Arc::new(SuInfo::deny(uid));
}
RootAccess::AdbOnly => {
if uid != AID_SHELL {
warn!("Root access limited to ADB only!");
return Arc::new(SuInfo::deny(uid));
}
}
RootAccess::AppsOnly => {
if uid == AID_SHELL {
warn!("Root access is disabled for ADB!");
return Arc::new(SuInfo::deny(uid));
}
}
_ => {}
};
let mut access = RootSettings::default();
self.get_root_settings(eval_uid, &mut access)?;
// We need to talk to the manager, get the app info
let (mgr_uid, mgr_pkg) =
if access.policy == SuPolicy::Query || access.log || access.notify {
self.get_manager(to_user_id(eval_uid), true)
} else {
(-1, String::new())
};
// If it's the manager, allow it silently
if to_app_id(uid) == to_app_id(mgr_uid) {
return Arc::new(SuInfo::allow(uid));
}
// If still not determined, check if manager exists
if access.policy == SuPolicy::Query && mgr_uid < 0 {
return Arc::new(SuInfo::deny(uid));
}
// Finally, the SuInfo
Arc::new(SuInfo {
uid,
eval_uid,
cfg,
mgr_pkg,
mgr_uid,
access: Mutex::new(AccessInfo::new(access)),
})
};
result.unwrap_or(Arc::new(SuInfo::deny(uid)))
}
}

133
native/src/core/su/db.rs Normal file
View File

@@ -0,0 +1,133 @@
use crate::daemon::{
AID_APP_END, AID_APP_START, AID_ROOT, AID_SHELL, MagiskD, to_app_id, to_user_id,
};
use crate::db::DbArg::Integer;
use crate::db::{MultiuserMode, RootAccess, SqlTable, SqliteResult, SqliteReturn};
use crate::ffi::{DbValues, SuPolicy};
use base::ResultExt;
impl Default for SuPolicy {
fn default() -> Self {
SuPolicy::Query
}
}
#[derive(Default)]
pub struct RootSettings {
pub policy: SuPolicy,
pub log: bool,
pub notify: bool,
}
impl SqlTable for RootSettings {
fn on_row(&mut self, columns: &[String], values: &DbValues) {
for (i, column) in columns.iter().enumerate() {
let val = values.get_int(i as i32);
match column.as_str() {
"policy" => self.policy.repr = val,
"logging" => self.log = val != 0,
"notification" => self.notify = val != 0,
_ => {}
}
}
}
}
struct UidList(Vec<i32>);
impl SqlTable for UidList {
fn on_row(&mut self, _: &[String], values: &DbValues) {
self.0.push(values.get_int(0));
}
}
impl MagiskD {
pub fn get_root_settings(&self, uid: i32, settings: &mut RootSettings) -> SqliteResult<()> {
self.db_exec_with_rows(
"SELECT policy, logging, notification FROM policies \
WHERE uid=? AND (until=0 OR until>strftime('%s', 'now'))",
&[Integer(uid as i64)],
settings,
)
.sql_result()
}
pub fn prune_su_access(&self) {
let mut list = UidList(Vec::new());
if self
.db_exec_with_rows("SELECT uid FROM policies", &[], &mut list)
.sql_result()
.log()
.is_err()
{
return;
}
let app_list = self.get_app_no_list();
let mut rm_uids = Vec::new();
for uid in list.0 {
let app_id = to_app_id(uid);
if (AID_APP_START..=AID_APP_END).contains(&app_id) {
let app_no = app_id - AID_APP_START;
if !app_list.contains(app_no as usize) {
// The app_id is no longer installed
rm_uids.push(uid);
}
}
}
for uid in rm_uids {
self.db_exec("DELETE FROM policies WHERE uid=?", &[Integer(uid as i64)]);
}
}
pub fn uid_granted_root(&self, mut uid: i32) -> bool {
if uid == AID_ROOT {
return true;
}
let cfg = match self.get_db_settings().log() {
Ok(cfg) => cfg,
Err(_) => return false,
};
// Check user root access settings
match cfg.root_access {
RootAccess::Disabled => return false,
RootAccess::AppsOnly => {
if uid == AID_SHELL {
return false;
}
}
RootAccess::AdbOnly => {
if uid != AID_SHELL {
return false;
}
}
_ => {}
}
// Check multiuser settings
match cfg.multiuser_mode {
MultiuserMode::OwnerOnly => {
if to_user_id(uid) != 0 {
return false;
}
}
MultiuserMode::OwnerManaged => uid = to_app_id(uid),
_ => {}
}
let mut granted = false;
let mut output_fn =
|_: &[String], values: &DbValues| granted = values.get_int(0) == SuPolicy::Allow.repr;
self.db_exec_with_rows(
"SELECT policy FROM policies WHERE uid=? AND (until=0 OR until>strftime('%s', 'now'))",
&[Integer(uid as i64)],
&mut output_fn,
);
granted
}
}

149
native/src/core/su/mod.rs
View File

@@ -1,145 +1,6 @@
use crate::daemon::{
to_app_id, to_user_id, MagiskD, AID_APP_END, AID_APP_START, AID_ROOT, AID_SHELL,
};
use crate::db::DbArg::Integer;
use crate::db::{SqlTable, SqliteResult, SqliteReturn};
use crate::ffi::{DbValues, MultiuserMode, RootAccess, RootSettings, SuPolicy};
use base::ResultExt;
mod daemon;
mod db;
mod pts;
impl Default for SuPolicy {
fn default() -> Self {
SuPolicy::Query
}
}
impl Default for RootSettings {
fn default() -> Self {
RootSettings {
policy: Default::default(),
log: true,
notify: true,
}
}
}
impl SqlTable for RootSettings {
fn on_row(&mut self, columns: &[String], values: &DbValues) {
for (i, column) in columns.iter().enumerate() {
let val = values.get_int(i as i32);
if column == "policy" {
self.policy.repr = val;
} else if column == "logging" {
self.log = val != 0;
} else if column == "notify" {
self.notify = val != 0;
}
}
}
}
struct UidList(Vec<i32>);
impl SqlTable for UidList {
fn on_row(&mut self, _: &[String], values: &DbValues) {
self.0.push(values.get_int(0));
}
}
impl MagiskD {
fn get_root_settings(&self, uid: i32, settings: &mut RootSettings) -> SqliteResult<()> {
self.db_exec_with_rows(
"SELECT policy, logging, notification FROM policies \
WHERE uid=? AND (until=0 OR until>strftime('%s', 'now'))",
&[Integer(uid as i64)],
settings,
)
.sql_result()
}
pub fn get_root_settings_for_cxx(&self, uid: i32, settings: &mut RootSettings) -> bool {
self.get_root_settings(uid, settings).log().is_ok()
}
pub fn prune_su_access(&self) {
let mut list = UidList(Vec::new());
if self
.db_exec_with_rows("SELECT uid FROM policies", &[], &mut list)
.sql_result()
.log()
.is_err()
{
return;
}
let app_list = self.get_app_no_list();
let mut rm_uids = Vec::new();
for uid in list.0 {
let app_id = to_app_id(uid);
if (AID_APP_START..=AID_APP_END).contains(&app_id) {
let app_no = app_id - AID_APP_START;
if !app_list.contains(app_no as usize) {
// The app_id is no longer installed
rm_uids.push(uid);
}
}
}
for uid in rm_uids {
self.db_exec("DELETE FROM policies WHERE uid=?", &[Integer(uid as i64)]);
}
}
pub fn uid_granted_root(&self, mut uid: i32) -> bool {
if uid == AID_ROOT {
return true;
}
let cfg = match self.get_db_settings().log() {
Ok(cfg) => cfg,
Err(_) => return false,
};
// Check user root access settings
match cfg.root_access {
RootAccess::Disabled => return false,
RootAccess::AppsOnly => {
if uid == AID_SHELL {
return false;
}
}
RootAccess::AdbOnly => {
if uid != AID_SHELL {
return false;
}
}
_ => {}
}
// Check multiuser settings
match cfg.multiuser_mode {
MultiuserMode::OwnerOnly => {
if to_user_id(uid) != 0 {
return false;
}
}
MultiuserMode::OwnerManaged => uid = to_app_id(uid),
_ => {}
}
let mut granted = false;
let mut output_fn =
|_: &[String], values: &DbValues| granted = values.get_int(0) == SuPolicy::Allow.repr;
self.db_exec_with_rows(
"SELECT policy FROM policies WHERE uid=? AND (until=0 OR until>strftime('%s', 'now'))",
&[Integer(uid as i64)],
&mut output_fn,
);
granted
}
}
pub fn get_default_root_settings() -> RootSettings {
RootSettings::default()
}
pub use daemon::SuInfo;
pub use pts::{get_pty_num, pump_tty, restore_stdin};

Some files were not shown because too many files have changed in this diff Show More