From 86f183bd2ed80c6ebbcdd0c92ba8cbb32b8584cb Mon Sep 17 00:00:00 2001 From: kam821 Date: Sat, 11 Jan 2020 21:27:32 +0100 Subject: [PATCH] 6.1.5 - update Changelog: - Magisk version detecting moved into runtime script instead of one-time check during install. - Live loading sepolicy rules for legacy Magisk version from sepolicy.rule file Rewritten post-fs-data.sh and scripts.sh - Added missing paths in uninstall.sh - Upgrade to the latest module installer format - Fixed some bugs. --- .gitattributes | 9 ++ META-INF/com/google/android/update-binary | 6 +- common/post-fs-data.sh | 47 +++--- common/sepolicy.rule | 2 +- common/service.sh | 52 +++---- customize.sh | 34 +++++ install.sh | 171 ---------------------- module.prop | 7 +- uninstall.sh | 12 +- 9 files changed, 105 insertions(+), 235 deletions(-) create mode 100644 .gitattributes create mode 100644 customize.sh delete mode 100644 install.sh diff --git a/.gitattributes b/.gitattributes new file mode 100644 index 0000000..9cd4cfa --- /dev/null +++ b/.gitattributes @@ -0,0 +1,9 @@ +# Declare files that will always have LF line endings on checkout. +META-INF/** text eol=lf +*.prop text eol=lf +*.sh text eol=lf +*.md text eol=lf + +# Denote all files that are truly binary and should not be modified. +system/** binary +taichi binary \ No newline at end of file diff --git a/META-INF/com/google/android/update-binary b/META-INF/com/google/android/update-binary index d19eeb5..d3c7e04 100644 --- a/META-INF/com/google/android/update-binary +++ b/META-INF/com/google/android/update-binary @@ -120,11 +120,11 @@ if is_legacy_script; then ui_print "- Setting permissions" set_permissions else - print_modname - unzip -o "$ZIPFILE" customize.sh -d $MODPATH >&2 if ! grep -q '^SKIPUNZIP=1$' $MODPATH/customize.sh 2>/dev/null; then + print_modname + ui_print "- Extracting module files" unzip -o "$ZIPFILE" -x 'META-INF/*' -d $MODPATH >&2 @@ -170,4 +170,4 @@ $BOOTMODE || recovery_cleanup rm -rf $TMPDIR ui_print "- Done" -exit 0 \ No newline at end of file +exit 0 diff --git a/common/post-fs-data.sh b/common/post-fs-data.sh index 22a9608..9d76a96 100755 --- a/common/post-fs-data.sh +++ b/common/post-fs-data.sh @@ -1,23 +1,34 @@ -#!/system/bin/sh - +# Do NOT assume where your module will be located. +# ALWAYS use $MODDIR if you need to know where this script +# and module is placed. +# This will make sure your module will still work +# if Magisk change its mount point in the future MODDIR=${0%/*} -rm /data/misc/taichi +# This script will be executed in post-fs-data mode + +WATCH_FILE="/data/misc/taichi" +ENFORCE_FILE="/data/misc/taichi_enforce" +LOG_FILE="/data/local/tmp/taichi.log" +SEPOLICY_FILE="${MODDIR}/sepolicy.rule" + +rm -f "{WATCH_FILE}" +rm -f "{ENFORCE_FILE}" +rm -f "{LOG_FILE}" -[[ -f ${MODDIR}/sepolicy.rule ]] && exit 0 +# Load utility functions +[ -f "/data/adb/magisk/util_functions.sh" ] && . /data/adb/magisk/util_functions.sh +[ "${MAGISK_VER_CODE}" -ge 20110 ] && exit 0 -if [[ $(getprop ro.build.version.sdk) -ge 29 ]]; then - AB_UPDATE=$(getprop ro.build.ab_update) - SAR=$(getprop ro.build.system_root_image) - if [[ ${AB_UPDATE} != "true" ]] || ([[ ${AB_UPDATE} == "true" ]] && [[ ${SAR} == "false" ]]); then - touch /data/misc/taichi_enforce - setenforce 0 - exit 0 - fi -fi +AB_UPDATE=$(getprop ro.build.ab_update) +grep ' / ' /proc/mounts | grep -qv 'rootfs' && SAR="true" || SAR="false" +[ "${AB_UPDATE}" != "true" ] || ([ "${AB_UPDATE}" == "true" ] && [ "${SAR}" == "false" ]) && ENFORCE="true" || ENFORCE="false" -magiskpolicy --live "allow system_server system_server process { execmem }"\ - "allow system_server apk_data_file file *"\ - "allow system_server app_data_file file *"\ - "allow system_server dalvikcache_data_file file { execute }"\ - "allow system_server system_file file { execute_no_trans }" +if ([ $(getprop ro.build.version.sdk) -ge 29 ] && [ "${ENFORCE}" == "true" ]) || [ ! -f "${SEPOLICY_FILE}" ]; then + touch "${ENFORCE_FILE}" >&2 + setenforce 0 +else + grep -v '^#' < "${SEPOLICY_FILE}" | while read RULE; do + magiskpolicy --live "${RULE}" + done +fi \ No newline at end of file diff --git a/common/sepolicy.rule b/common/sepolicy.rule index c56da9f..16fad1c 100755 --- a/common/sepolicy.rule +++ b/common/sepolicy.rule @@ -2,4 +2,4 @@ allow system_server system_server process { execmem } allow system_server apk_data_file file * allow system_server app_data_file file * allow system_server dalvikcache_data_file file { execute } -allow system_server system_file file { execute_no_trans } +allow system_server system_file file { execute_no_trans } \ No newline at end of file diff --git a/common/service.sh b/common/service.sh index 3c541fb..a891bc6 100644 --- a/common/service.sh +++ b/common/service.sh @@ -1,52 +1,34 @@ #!/system/bin/sh -# Please don't hardcode /magisk/modname/... ; instead, please use $MODDIR/... -# This will make your scripts compatible even if Magisk change its mount point in the future +# Do NOT assume where your module will be located. +# ALWAYS use $MODDIR if you need to know where this script +# and module is placed. +# This will make sure your module will still work +# if Magisk change its mount point in the future MODDIR=${0%/*} # This script will be executed in late_start service mode # More info in the main Magisk thread -TAICHI_LOG=/data/local/tmp/taichi.log -logcat > ${TAICHI_LOG} & -LOGCAT_PID=$! - -log() { - echo "[$(date +"%H:%M:%S:%3N %d-%m-%Y")] $1" | tee -a ${TAICHI_LOG} -} +WATCH_FILE="/data/misc/taichi" +ENFORCE_FILE="/data/misc/taichi_enforce" timeout=10 -WATCH_FILE=/data/misc/taichi -while ((timeout > 0)) && [[ ! -f ${WATCH_FILE} ]]; -do +while [ ! -f "${WATCH_FILE}" ] && [ "$timeout" -gt 0 ]; do + timeout=$((timeout-1)) sleep 1 - ((timeout -= 1)) done -if [[ ! -f ${WATCH_FILE} ]]; then - setprop ctl.restart zygote_secondary +if [ ! -f "${WATCH_FILE}" ]; then + setprop ctl.restart zygote_secondary >&2 else - rm ${WATCH_FILE} + rm -f "${WATCH_FILE}" fi -max_wait=300 -interval=1 -BOOT_COMPLETED=false -while [[ "$max_wait" -gt 0 ]]; do - if [[ "$(getprop sys.boot_completed)" = "1" ]];then - BOOT_COMPLETED=true - log "BOOT_COMPLETED" - break - fi - sleep ${interval} - log "WAIT FOR BOOT_COMPLETE" - max_wait=$((max_wait-1)) +until [ $(getprop sys.boot_completed) -eq 1 ]; do + sleep 1 done -ENFORCE_FILE=/data/misc/taichi_enforce -if [[ -f ${ENFORCE_FILE} ]] && [[ "${BOOT_COMPLETED}" = "true" ]];then - log "RESTORE SELinux" - rm ${ENFORCE_FILE} +if [ -f "${ENFORCE_FILE}" ]; then + rm -f "${ENFORCE_FILE}" setenforce 1 -fi - -kill ${LOGCAT_PID} +fi \ No newline at end of file diff --git a/customize.sh b/customize.sh new file mode 100644 index 0000000..89a755e --- /dev/null +++ b/customize.sh @@ -0,0 +1,34 @@ +# Set what you want to display when installing your module +print_modname() { + ui_print "*******************************" + ui_print " TaiChi - Magisk " + ui_print " " + ui_print " by @weishu " + ui_print " " + ui_print " https://taichi.cool " + ui_print "*******************************" +} + +on_install() { + ui_print "- Extracting module files" + unzip -oj "$ZIPFILE" taichi module.prop uninstall.sh 'common/*' -d $MODPATH >&2 + unzip -o "$ZIPFILE" 'system/*' -d $MODPATH >&2 + + chmod 0100 $MODPATH/taichi + $MODPATH/taichi $MODPATH $MODPATH + rm -f $MODPATH/taichi 2>&1 >/dev/null + + [ $? -eq 0 ] && ui_print "Installed." || abort "Install error: $?" +} + +set_permissions() { + ui_print "- Setting permissions" + # The following is the default rule, DO NOT remove + set_perm_recursive $MODPATH 0 0 0755 0644 + # set_perm $MODPATH/system/lib/libmedia_legacy.so 0 0 0644 u:object_r:system_lib_file:s0 +} + +SKIPUNZIP=1 +print_modname +on_install +set_permissions \ No newline at end of file diff --git a/install.sh b/install.sh deleted file mode 100644 index fa0e905..0000000 --- a/install.sh +++ /dev/null @@ -1,171 +0,0 @@ -########################################################################################## -# -# Magisk Module Installer Script -# -########################################################################################## -########################################################################################## -# -# Instructions: -# -# 1. Place your files into system folder (delete the placeholder file) -# 2. Fill in your module's info into module.prop -# 3. Configure and implement callbacks in this file -# 4. If you need boot scripts, add them into common/post-fs-data.sh or common/service.sh -# 5. Add your additional or modified system properties into common/system.prop -# -########################################################################################## - -########################################################################################## -# Config Flags -########################################################################################## - -# Set to true if you do *NOT* want Magisk to mount -# any files for you. Most modules would NOT want -# to set this flag to true -SKIPMOUNT=false - -# Set to true if you need to load system.prop -PROPFILE=true - -# Set to true if you need post-fs-data script -POSTFSDATA=true - -# Set to true if you need late_start service script -LATESTARTSERVICE=true - -########################################################################################## -# Replace list -########################################################################################## - -# List all directories you want to directly replace in the system -# Check the documentations for more info why you would need this - -# Construct your list in the following format -# This is an example -REPLACE_EXAMPLE=" -/system/app/Youtube -/system/priv-app/SystemUI -/system/priv-app/Settings -/system/framework -" - -# Construct your own list here -REPLACE=" -" - -########################################################################################## -# -# Function Callbacks -# -# The following functions will be called by the installation framework. -# You do not have the ability to modify update-binary, the only way you can customize -# installation is through implementing these functions. -# -# When running your callbacks, the installation framework will make sure the Magisk -# internal busybox path is *PREPENDED* to PATH, so all common commands shall exist. -# Also, it will make sure /data, /system, and /vendor is properly mounted. -# -########################################################################################## -########################################################################################## -# -# The installation framework will export some variables and functions. -# You should use these variables and functions for installation. -# -# ! DO NOT use any Magisk internal paths as those are NOT public API. -# ! DO NOT use other functions in util_functions.sh as they are NOT public API. -# ! Non public APIs are not guranteed to maintain compatibility between releases. -# -# Available variables: -# -# MAGISK_VER (string): the version string of current installed Magisk -# MAGISK_VER_CODE (int): the version code of current installed Magisk -# BOOTMODE (bool): true if the module is currently installing in Magisk Manager -# MODPATH (path): the path where your module files should be installed -# TMPDIR (path): a place where you can temporarily store files -# ZIPFILE (path): your module's installation zip -# ARCH (string): the architecture of the device. Value is either arm, arm64, x86, or x64 -# IS64BIT (bool): true if $ARCH is either arm64 or x64 -# API (int): the API level (Android version) of the device -# -# Availible functions: -# -# ui_print -# print to console -# Avoid using 'echo' as it will not display in custom recovery's console -# -# abort -# print error message to console and terminate installation -# Avoid using 'exit' as it will skip the termination cleanup steps -# -# set_perm [context] -# if [context] is empty, it will default to "u:object_r:system_file:s0" -# this function is a shorthand for the following commands -# chown owner.group target -# chmod permission target -# chcon context target -# -# set_perm_recursive [context] -# if [context] is empty, it will default to "u:object_r:system_file:s0" -# for all files in , it will call: -# set_perm file owner group filepermission context -# for all directories in (including itself), it will call: -# set_perm dir owner group dirpermission context -# -########################################################################################## -########################################################################################## -# If you need boot scripts, DO NOT use general boot scripts (post-fs-data.d/service.d) -# ONLY use module scripts as it respects the module status (remove/disable) and is -# guaranteed to maintain the same behavior in future Magisk releases. -# Enable boot scripts by setting the flags in the config section above. -########################################################################################## - -# Set what you want to display when installing your module - -print_modname() { - ui_print "*******************************" - ui_print " TaiChi - Magisk " - ui_print " " - ui_print " by @weishu " - ui_print " " - ui_print " https://taichi.cool " - ui_print "*******************************" -} - -# Copy/extract your module files into $MODPATH in on_install. - -on_install() { - ui_print "- Extracting module files" - unzip -o "$ZIPFILE" 'system/*' -d $MODPATH >&2 - unzip -o "$ZIPFILE" 'taichi' -d $TMPDIR >&2 - - if [[ ${MAGISK_VER_CODE} -ge 20200 ]]; then - ui_print "- Extracting sepolicy.rule for Magisk: ${MAGISK_VER_CODE}" - unzip -oj "$ZIPFILE" 'common/sepolicy.rule' -d ${MODPATH} >&2 || abort "Extract sepolicy error: $?" - fi - - chmod 0100 $TMPDIR/taichi - $TMPDIR/taichi $MODPATH $TMPDIR && ui_print "Installed." || abort "Install error: $?" -} - -# Only some special files require specific permissions -# This function will be called after on_install is done -# The default permissions should be good enough for most cases - -set_permissions() { - # The following is the default rule, DO NOT remove - set_perm_recursive $MODPATH 0 0 0755 0644 - # set_perm $MODPATH/system/lib/libmedia_legacy.so 0 0 0644 u:object_r:system_lib_file:s0 - # Here are some examples: - # set_perm_recursive $MODPATH/system/lib 0 0 0755 0644 - # set_perm $MODPATH/system/bin/app_process32 0 2000 0755 u:object_r:zygote_exec:s0 - # set_perm $MODPATH/system/bin/dex2oat 0 2000 0755 u:object_r:dex2oat_exec:s0 - # set_perm $MODPATH/system/lib/libart.so 0 0 0644 -} - -check_architecture() { - if [[ "$ARCH" != "arm" && "$ARCH" != "arm64" ]]; then - abort "- Unsupported platform: $ARCH" - else - ui_print "- Device platform: $ARCH" - fi -} \ No newline at end of file diff --git a/module.prop b/module.prop index ccbea32..a7fcbab 100644 --- a/module.prop +++ b/module.prop @@ -1,7 +1,6 @@ id=taichi name=Taichi -version=v6.1.4 -versionCode=614 +version=v6.1.5 +versionCode=615 author=weishu -description=Use Xposed modules with Taichi in Magisk. -minMagisk=17000 \ No newline at end of file +description=Use Xposed modules with Taichi in Magisk. \ No newline at end of file diff --git a/uninstall.sh b/uninstall.sh index 70afb7e..31b94e7 100644 --- a/uninstall.sh +++ b/uninstall.sh @@ -1,3 +1,9 @@ -[ -d "/data/system/taichi" ] && rm -rf /data/system/taichi 2>/dev/null -[ -f "/data/misc/taichi" ] && rm -f /data/misc/taichi 2>/dev/null -[ -f "/data/local/tmp/taichi.log" ] && rm -f /data/local/tmp/taichi.log 2>/dev/null \ No newline at end of file +SYSTEM_DIR="/data/system/taichi" +WATCH_FILE="/data/misc/taichi" +ENFORCE_FILE="/data/misc/taichi_enforce" +LOG_FILE="/data/local/tmp/taichi.log" + +rm -rf "${SYSTEM_DIR}" +rm -f "${WATCH_FILE}" +rm -f "${ENFORCE_FILE}" +rm -f "${LOG_FILE}" \ No newline at end of file