diff --git a/native/jni/init/init.h b/native/jni/init/init.h index 8251aa891..746fa0c45 100644 --- a/native/jni/init/init.h +++ b/native/jni/init/init.h @@ -3,6 +3,8 @@ #include #include +#include + struct cmdline { bool skip_initramfs; bool force_normal_boot; @@ -45,7 +47,7 @@ protected: virtual void cleanup(); public: BaseInit(char *argv[], cmdline *cmd) : - cmd(cmd), argv(argv), mount_list{"/sys", "/proc", "/dev"} {} + cmd(cmd), argv(argv), mount_list{"/sys", "/proc"} {} virtual ~BaseInit() = default; virtual void start() = 0; }; @@ -53,6 +55,7 @@ public: class MagiskInit : public BaseInit { protected: raw_data self; + const char *persist_dir; virtual void early_mount() = 0; bool patch_sepolicy(const char *file = "/sepolicy"); @@ -68,7 +71,9 @@ protected: void backup_files(); void patch_rootdir(); public: - SARBase(char *argv[], cmdline *cmd) : MagiskInit(argv, cmd) {}; + SARBase(char *argv[], cmdline *cmd) : MagiskInit(argv, cmd) { + persist_dir = MIRRDIR "/persist/magisk"; + } void start() override { early_mount(); patch_rootdir(); @@ -132,7 +137,9 @@ private: protected: void early_mount() override; public: - RootFSInit(char *argv[], cmdline *cmd) : MagiskInit(argv, cmd) {}; + RootFSInit(char *argv[], cmdline *cmd) : MagiskInit(argv, cmd) { + persist_dir = "/dev/.magisk/mirror/persist/magisk"; + } void start() override { early_mount(); diff --git a/native/jni/init/mount.cpp b/native/jni/init/mount.cpp index c8bcbc5bf..40afba5cd 100644 --- a/native/jni/init/mount.cpp +++ b/native/jni/init/mount.cpp 
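Review bot: `persist_dir` in MagiskInit is declared without an initializer and is assigned only in the SARBase and RootFSInit constructor bodies, so any other MagiskInit subclass that reaches patch_sepolicy() would pass an indeterminate pointer to xopen_dir(). Declaring it as `const char *persist_dir = nullptr;` and skipping the custom-rule scan when it is null makes that case fail closed. The two assignments also spell the location differently (`MIRRDIR "/persist/magisk"` versus the literal `"/dev/.magisk/mirror/persist/magisk"`), and the same literal prefix is repeated in RootFSInit::early_mount in mount.cpp; one named constant per layout would keep the rule-loading path and the cleanup list from drifting apart. The class bodies extend beyond these hunks, so other subclasses are not visible here.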
@@ -126,6 +126,13 @@ void RootFSInit::early_mount() { root = xopen("/", O_RDONLY | O_CLOEXEC); rename("/.backup/init", "/init"); + // Mount sbin overlay for persist, but move it and add to cleanup list + mount_sbin(); + xmount("/sbin", "/dev", nullptr, MS_MOVE, nullptr); + mount_list.emplace_back("/dev"); + mount_list.emplace_back("/dev/.magisk/mirror/persist"); + mount_list.emplace_back("/dev/.magisk/mirror/cache"); + mount_root(system); mount_root(vendor); mount_root(product); @@ -169,6 +176,7 @@ void SARInit::early_mount() { // Make dev writable xmkdir("/dev", 0755); xmount("tmpfs", "/dev", "tmpfs", 0, "mode=755"); + mount_list.emplace_back("/dev"); backup_files(); @@ -227,9 +235,11 @@ void SecondStageInit::early_mount() { void BaseInit::cleanup() { // Unmount in reverse order for (auto &p : reversed(mount_list)) { - LOGD("Unmount [%s]\n", p.data()); - umount(p.data()); + if (xumount(p.data()) == 0) + LOGD("Unmount [%s]\n", p.data()); } + mount_list.clear(); + mount_list.shrink_to_fit(); } void mount_sbin() { @@ -248,8 +258,12 @@ void mount_sbin() { // Fallback to cache strcpy(partname, "cache"); strcpy(block_dev, BLOCKDIR "/cache"); - if (setup_block(false) < 0) - return; + if (setup_block(false) < 0) { + // Try NVIDIA's BS + strcpy(partname, "CAC"); + if (setup_block(false) < 0) + return; + } mnt_point = MIRRDIR "/cache"; xsymlink("./cache", MIRRDIR "/persist"); } diff --git a/native/jni/init/rootdir.cpp b/native/jni/init/rootdir.cpp index c1ab38c5b..8c7050f29 100644 --- a/native/jni/init/rootdir.cpp +++ b/native/jni/init/rootdir.cpp 
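Review bot: The result of `xmount("/sbin", "/dev", nullptr, MS_MOVE, nullptr)` in RootFSInit::early_mount is ignored, yet the three `/dev...` entries are appended to mount_list unconditionally. If the move fails, the overlay stays mounted on /sbin where cleanup() never looks, and persist_dir refers to a path that does not exist, so custom rules are skipped without a clear reason in the log. Gate the three `emplace_back` calls on `xmount(...) == 0` and handle the failure branch explicitly. mount_sbin() returns void and, per its own hunk below, can return early when setup_block() fails, so this caller also cannot tell whether anything was mounted at all. The function body continues outside the hunk.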
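Review bot: In BaseInit::cleanup a failed `xumount()` is skipped and the entry is then dropped by `mount_list.clear()`, so a mount that could not be detached (for instance the persist or cache mirror) remains visible to later boot stages with no record of which path it was. Consider reporting the failing path explicitly, or falling back to `umount2(p.data(), MNT_DETACH)` before clearing the list. With the entries added in RootFSInit::early_mount, one of the persist/cache unmounts looks like it will fail on every boot, since the mount_sbin() fallback mounts cache and makes persist a symlink to it, so expected failures should be distinguished from real ones. `shrink_to_fit()` is a non-binding request; `std::vector<std::string>().swap(mount_list)` is the form that guarantees release, if that is the intent (element type assumed from the string literals).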
@@ -164,7 +164,23 @@ bool MagiskInit::patch_sepolicy(const char *file) { sepol_magisk_rules(); sepol_allow(SEPOL_PROC_DOMAIN, ALL, ALL, ALL); + + // Custom rules + if (auto dir = xopen_dir(persist_dir); dir) { + char path[4096]; + for (dirent *entry; (entry = xreaddir(dir.get()));) { + if (entry->d_name == "."sv || entry->d_name == ".."sv) + continue; + snprintf(path, sizeof(path), "%s/%s/sepolicy.rule", persist_dir, entry->d_name); + if (access(path, R_OK) == 0) { + LOGD("Loading custom sepolicy patch: %s\n", path); + load_rule_file(path); + } + } + } + dump_policydb(file); + destroy_policydb(); // Remove OnePlus stupid debug sepolicy and use our own if (access("/sepolicy_debug", F_OK) == 0) { diff --git a/native/jni/magiskpolicy/policydb.cpp b/native/jni/magiskpolicy/policydb.cpp index 6c775b1c2..c446816cc 100644 --- a/native/jni/magiskpolicy/policydb.cpp +++ b/native/jni/magiskpolicy/policydb.cpp @@ -13,6 +13,7 @@ #include "sepolicy.h" int load_policydb(const char *file) { + LOGD("Load policy from: %s\n", file); if (magisk_policydb) destroy_policydb(); @@ -101,7 +102,7 @@ static void load_cil(struct cil_db *db, const char *file) { size_t size; mmap_ro(file, addr, size); cil_add_file(db, (char *) file, addr, size); - LOGD("cil_add[%s]\n", file); + LOGD("cil_add [%s]\n", file); munmap(addr, size); }
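Review bot: The custom-rule loop in MagiskInit::patch_sepolicy feeds every `<persist_dir>/<entry>/sepolicy.rule` it can read into the live policy, and the only gate is `access(path, R_OK)`, which follows symlinks and says nothing about who owns the file. Because mount_sbin() can fall back to the cache partition, anything able to write there effectively decides SELinux policy at the next boot; who can write the partition is not visible in this diff. At minimum, require a regular, root-owned file that is not group- or world-writable, and use `lstat()` so a planted symlink is not followed, as sketched below. That check covers only the final path component, so the per-entry directory would need the same treatment. The enclosing function starts and ends outside the hunk.

```cpp
// … unchanged: xopen_dir(persist_dir), path buffer, "." / ".." skip …
        snprintf(path, sizeof(path), "%s/%s/sepolicy.rule", persist_dir, entry->d_name);
        struct stat st;
        // lstat(): do not follow a symlink placed on the persist/cache partition.
        // Accept only a regular, root-owned file that others cannot modify.
        if (lstat(path, &st) != 0 || !S_ISREG(st.st_mode) ||
            st.st_uid != 0 || (st.st_mode & (S_IWGRP | S_IWOTH)))
            continue;
        LOGD("Loading custom sepolicy patch: %s\n", path);
        load_rule_file(path);
// … unchanged: dump_policydb(file); destroy_policydb(); …
```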