I previously refered to minigzip from libz which copies all trailing
data to the output when decompressing. However, gzip, on the other
hand, drop trailing garbage by default. Consider ZIMAGE append
the kernel size with zero padding, we should drop trailing garbage
as well.
Before this change, the root manager package name is only written into
the database after the repackaged APK is installed. In the time between
the repackaged APK being installed and the package name being written
into the database, if some operation calls `get_manager`, the Magisk
daemon will cache this result and ignore the repackaged APK, even if
the package name is set afterwards, because the cache won't be
invalidated. The result is that the repackaged manager APK will not be
recognized as the root manager, breaking the hide manager feature.
This race condition is more likely to happen when Zygisk is enabled,
because `get_manager` is called with a very high frequency in that case.
To fix the issue, we have to set the new package name into the database
BEFORE installing the repackaged APK. We also stop pruning the
database if the repackaged manager is not found, moving this logic into
the Magisk app. By doing so, we can guarantee that the instant after
the repackaged manager APK is installed, the Magisk daemon will
immediately pick it up and treat it as the root manager.
Another small optimization: when the requester is root, simply bypass
the whole database + manager package check. Since the Magisk app hiding
APK installation proces will call `su` several times to run `pm` under
different UIDs, doing this opimization will reduce the amount of
unnecessary database query + filesystem traversals.
Previously, magic mount creates its own mirror devices and mount
mirror mount points. With these mirror mount points, magic mount
can get the original files and directory trees. However, some
devices use overlayfs to modify some mount points, and thus after
magic mount, the overlayed files are missing because the mirror
mount points do not contain the overlayed files. To address this
issue and make magic mount more compatible, this patch refactors
how magic mount works.
The new workflows are as follows:
1. make MAGISKTMP a private mount point so that we can create the
private mount points there
2. for mirror mount points, we instead of creating our own mirror
devices and mount the mirror mount points, we "copy" the
original mount points by recursively mounting /
3. to prevent magic mount affecting the mirror mount points, we
recursively set the mirror mount points private
4. to trace the mount points we created for reverting mounts, we
again make the mirror mount points shared, and by this way we
create a new peer group for each mirror mount points
5. as for tracing the newly created tmpfs mount point by magic
mount, we create a dedicated tmpfs mount point for them, namely
worker mount point, and obviously, it is shared as in a newly
created peer group for tracing
6. when reverting mount points by magic mount, we can then trace
the peer group id and unmount the mount points whose peer group
ids are created by us
The advantages are as follows:
1. it is more compatible, (e.g., with overlayfs, fix#2359)
2. it can mount more partitions for which previous implementation
cannot create mirror mount points (fix#3338)
It turns out that decompressing and recompressing the kernel is enough to break booting on many devices that use MT6763.
Fix#5124, fix#6204, fix#6566
Co-authored-by: LoveSy <shana@zju.edu.cn>
Co-authored-by: 南宫雪珊 <vvb2060@gmail.com>
We resolve available partitions for sepolicy.rules when patching
boot and bind mount the partition by magiskinit.
For older devices, the previous logic won't work because the part name
is never readable.
Co-authored-by: topjohnwu <topjohnwu@gmail.com>
