From 2d80ce6935562637e156a42ea0636d9f2c5320f8 Mon Sep 17 00:00:00 2001 From: Stillhard Date: Sun, 13 Apr 2025 09:54:35 +0700 Subject: [PATCH 1/5] fix: SELinux rules (#130) This commit allows Zygote to access files in /data/adb, so that it can load the Zygisk modules. Signed-off-by: Stillhard --- module/src/sepolicy.rule | 1 + 1 file changed, 1 insertion(+) diff --git a/module/src/sepolicy.rule b/module/src/sepolicy.rule index 859f87f..76835a1 100644 --- a/module/src/sepolicy.rule +++ b/module/src/sepolicy.rule @@ -9,6 +9,7 @@ allow zygote su dir search allow zygote su {lnk_file file} read allow zygote adb_data_file dir search +allow zygote adb_data_file file * allow zygote zygote process execmem allow system_server system_server process execmem allow zygote tmpfs file * From c37a5b1c8e0cfa00d3cec3875e42c0281c600462 Mon Sep 17 00:00:00 2001 From: Breathleas <39123978+Breathleas@users.noreply.github.com> Date: Mon, 14 Apr 2025 06:12:08 +0800 Subject: [PATCH 2/5] fix: missing `status32` exit check (#128) This commit fixes the issue where 32-bit daemon wouldn't be checked for exits, as the macro hardcoded "status64". Signed-off-by: Breathleas <39123978+Breathleas@users.noreply.github.com> Co-authored-by: anyusec <145352653+anyusec@users.noreply.github.com> Co-authored-by: Pedro.js --- loader/src/ptracer/monitor.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/loader/src/ptracer/monitor.cpp b/loader/src/ptracer/monitor.cpp index af7f28c..d02e563 100644 --- a/loader/src/ptracer/monitor.cpp +++ b/loader/src/ptracer/monitor.cpp @@ -438,7 +438,7 @@ static bool ensure_daemon_created(bool is_64bit) { } #define CHECK_DAEMON_EXIT(abi) \ - if (status##abi.supported && pid == status64.daemon_pid) { \ + if (status##abi.supported && pid == status##abi.daemon_pid) { \ char status_str[64]; \ parse_status(status, status_str, sizeof(status_str)); \ \ From db24c1c4396056ca659233e9422e1e536d13cc3c Mon Sep 17 00:00:00 2001 From: ThePedroo Date: Wed, 16 Apr 2025 02:04:40 -0300 Subject: [PATCH 3/5] improve: not umount modules `/system` mounts This commit creates a new behavior in ReZygisk umounting system where it now ignores "/system/..." mounts, as umounting them generally leads to unbootable system. --- zygiskd/src/utils.c | 41 +++++++++++++++++------------------------ 1 file changed, 17 insertions(+), 24 deletions(-) diff --git a/zygiskd/src/utils.c b/zygiskd/src/utils.c index 6922599..8c2d00b 100644 --- a/zygiskd/src/utils.c +++ b/zygiskd/src/utils.c @@ -358,7 +358,7 @@ bool exec_command(char *restrict buf, size_t len, const char *restrict file, cha dup2(link[1], STDOUT_FILENO); close(link[0]); close(link[1]); - + execv(file, argv); LOGE("execv failed: %s\n", strerror(errno)); @@ -626,7 +626,7 @@ enum mns_umount_state unmount_root(bool modules_only, struct root_impl impl) { char source_name[LONGEST_ROOT_IMPL_NAME]; if (impl.impl == KernelSU) strcpy(source_name, "KSU"); else strcpy(source_name, "APatch"); - + const char **targets_to_unmount = NULL; size_t num_targets = 0; @@ -639,6 +639,8 @@ enum mns_umount_state unmount_root(bool modules_only, struct root_impl impl) { if (strncmp(mount.target, "/debug_ramdisk", strlen("/debug_ramdisk")) == 0) should_unmount = true; } else { + if (strncmp(mount.target, "/system/", strlen("/system/")) == 0) continue; + if (strcmp(mount.source, source_name) == 0) should_unmount = true; if (strncmp(mount.root, "/adb/modules", strlen("/adb/modules")) == 0) should_unmount = true; if (strncmp(mount.target, "/data/adb/modules", strlen("/data/adb/modules")) == 0) should_unmount = true; @@ -675,7 +677,7 @@ enum mns_umount_state unmount_root(bool modules_only, struct root_impl impl) { } case Magisk: { LOGI("[Magisk] Unmounting root %s modules\n", modules_only ? "only" : "with"); - + const char **targets_to_unmount = NULL; size_t num_targets = 0; @@ -683,27 +685,18 @@ enum mns_umount_state unmount_root(bool modules_only, struct root_impl impl) { struct mountinfo mount = mounts.mounts[i]; bool should_unmount = false; - if ( - ( - modules_only && - ( - strcmp(mount.source, "magisk") == 0 || - strncmp(mount.target, "/debug_ramdisk", strlen("/debug_ramdisk")) == 0 || - strncmp(mount.target, "/system/bin", strlen("/system/bin")) == 0 - ) - ) || - ( - !modules_only && - ( - strcmp(mount.source, "magisk") == 0 || - strncmp(mount.target, "/debug_ramdisk", strlen("/debug_ramdisk")) == 0 || - strncmp(mount.target, "/data/adb/modules", strlen("/data/adb/modules")) == 0 || - strncmp(mount.root, "/adb/modules", strlen("/adb/modules")) == 0 || - strncmp(mount.target, "/system/bin", strlen("/system/bin")) == 0 - ) - ) - ) { - should_unmount = true; + if (modules_only) { + if (strcmp(mount.source, "magisk") == 0) should_unmount = true; + if (strncmp(mount.target, "/debug_ramdisk", strlen("/debug_ramdisk")) == 0) should_unmount = true; + if (strncmp(mount.target, "/system/bin", strlen("/system/bin")) == 0) should_unmount = true; + } else { + if (strncmp(mount.target, "/system/", strlen("/system/")) == 0) continue; + + if (strcmp(mount.source, "magisk") == 0) should_unmount = true; + if (strncmp(mount.target, "/debug_ramdisk", strlen("/debug_ramdisk")) == 0) should_unmount = true; + if (strncmp(mount.target, "/data/adb/modules", strlen("/data/adb/modules")) == 0) should_unmount = true; + if (strncmp(mount.root, "/adb/modules", strlen("/adb/modules")) == 0) should_unmount = true; + if (strncmp(mount.target, "/system/bin", strlen("/system/bin")) == 0) should_unmount = true; } if (!should_unmount) continue; From 8f70a1a451aaefbb92aa869f96a86c357d22b892 Mon Sep 17 00:00:00 2001 From: ThePedroo Date: Wed, 16 Apr 2025 02:07:59 -0300 Subject: [PATCH 4/5] remove: unused `mazoku` file This commit removes the "mazoku" file, which is only used by Zygisk Next/Shamiko for module integrity and signing, and is not used in ReZygisk. --- module/build.gradle.kts | 4 +--- module/src/customize.sh | 1 - module/src/mazoku | 1 - 3 files changed, 1 insertion(+), 5 deletions(-) delete mode 100644 module/src/mazoku diff --git a/module/build.gradle.kts b/module/build.gradle.kts index a9c52fb..5a5f184 100644 --- a/module/build.gradle.kts +++ b/module/build.gradle.kts @@ -53,7 +53,7 @@ androidComponents.onVariants { variant -> into(moduleDir) from("${rootProject.projectDir}/README.md") from("$projectDir/src") { - exclude("module.prop", "customize.sh", "post-fs-data.sh", "service.sh", "uninstall.sh", "mazoku") + exclude("module.prop", "customize.sh", "post-fs-data.sh", "service.sh", "uninstall.sh") filter("eol" to FixCrLfFilter.CrLf.newInstance("lf")) } from("$projectDir/src") { @@ -65,7 +65,6 @@ androidComponents.onVariants { variant -> "versionCode" to verCode ) } - from("$projectDir/src/mazoku") from("$projectDir/src") { include("customize.sh", "post-fs-data.sh", "service.sh", "uninstall.sh") val tokens = mapOf( @@ -122,7 +121,6 @@ androidComponents.onVariants { variant -> set.add(Pair(root.file("sepolicy.rule").asFile, null)) set.add(Pair(root.file("post-fs-data.sh").asFile, null)) set.add(Pair(root.file("service.sh").asFile, null)) - set.add(Pair(root.file("mazoku").asFile, null)) set.add( Pair( root.file("lib/libzygisk.so").asFile, diff --git a/module/src/customize.sh b/module/src/customize.sh index 741581f..649b707 100644 --- a/module/src/customize.sh +++ b/module/src/customize.sh @@ -104,7 +104,6 @@ extract "$ZIPFILE" 'module.prop' "$MODPATH" extract "$ZIPFILE" 'post-fs-data.sh' "$MODPATH" extract "$ZIPFILE" 'service.sh' "$MODPATH" extract "$ZIPFILE" 'uninstall.sh' "$MODPATH" -extract "$ZIPFILE" 'mazoku' "$MODPATH" mv "$TMPDIR/sepolicy.rule" "$MODPATH" mkdir "$MODPATH/bin" diff --git a/module/src/mazoku b/module/src/mazoku deleted file mode 100644 index a7cd563..0000000 --- a/module/src/mazoku +++ /dev/null @@ -1 +0,0 @@ -c—„ˆ]œ‘ „[{Ú­‚BÒuÞ5=ÙrEUÕZ„Ê¿èã<¦5ß_oñãMéL•l•¢ÛQ#ÿøœC¾}ù eäfjÙ‚/©7³‡Ž(â´g Date: Wed, 16 Apr 2025 02:15:08 -0300 Subject: [PATCH 5/5] improve: `magisk` binary check code This commit improves and simplifies the code that checks in which path the "magisk" binary is by using loops instead of hardcoded "if"s. --- zygiskd/src/root_impl/magisk.c | 59 ++++++++++++---------------------- 1 file changed, 21 insertions(+), 38 deletions(-) diff --git a/zygiskd/src/root_impl/magisk.c b/zygiskd/src/root_impl/magisk.c index 9f4e364..ee5d48b 100644 --- a/zygiskd/src/root_impl/magisk.c +++ b/zygiskd/src/root_impl/magisk.c @@ -30,53 +30,36 @@ char *magisk_managers[] = { enum magisk_variants variant = Official; /* INFO: Longest path */ -static char path_to_magisk[sizeof(DEBUG_RAMDISK_MAGISK)]; +static char path_to_magisk[sizeof(DEBUG_RAMDISK_MAGISK)] = { 0 }; bool is_using_sulist = false; void magisk_get_existence(struct root_impl_state *state) { - struct stat s; - if (stat(SBIN_MAGISK, &s) != 0) { - if (errno != ENOENT) { - LOGE("Failed to stat Magisk /sbin/magisk binary: %s\n", strerror(errno)); - } - errno = 0; + const char *magisk_files[] = { + SBIN_MAGISK, + BITLESS_SBIN_MAGISK, + DEBUG_RAMDISK_MAGISK, + BITLESS_DEBUG_RAMDISK_MAGISK + }; - if (stat(BITLESS_SBIN_MAGISK, &s) != 0) { + for (size_t i = 0; i < sizeof(magisk_files) / sizeof(magisk_files[0]); i++) { + if (access(magisk_files[i], F_OK) != 0) { if (errno != ENOENT) { - LOGE("Failed to stat Magisk %s binary: %s\n", BITLESS_SBIN_MAGISK, strerror(errno)); + LOGE("Failed to access Magisk binary: %s\n", strerror(errno)); } errno = 0; - if (stat(DEBUG_RAMDISK_MAGISK, &s) != 0) { - if (errno != ENOENT) { - LOGE("Failed to stat Magisk %s binary: %s\n", DEBUG_RAMDISK_MAGISK, strerror(errno)); - } - errno = 0; - - if (stat(BITLESS_DEBUG_RAMDISK_MAGISK, &s) != 0) { - if (errno != ENOENT) { - LOGE("Failed to stat Magisk /debug_ramdisk/magisk binary: %s\n", strerror(errno)); - } - errno = 0; - - state->state = Inexistent; - - return; - } - - /* INFO: /debug_ramdisk/magisk64 (or 32) doesn't exist but /debug_ramdisk/magisk does */ - strcpy(path_to_magisk, BITLESS_DEBUG_RAMDISK_MAGISK); - } else { - /* INFO: /sbin/magisk doesn't exist but /debug_ramdisk/magisk does */ - strcpy(path_to_magisk, DEBUG_RAMDISK_MAGISK); - } - } else { - /* INFO: /sbin/magisk64 (or 32) doesn't exist but /sbin/magisk does */ - strcpy(path_to_magisk, BITLESS_SBIN_MAGISK); + continue; } - } else { - /* INFO: /sbin/magisk64 (or 32) exists */ - strcpy(path_to_magisk, SBIN_MAGISK); + + strcpy(path_to_magisk, magisk_files[i]); + + break; + } + + if (path_to_magisk[0] == '\0') { + state->state = Inexistent; + + return; } char *argv[4] = { "magisk", "-v", NULL, NULL };