Magisk 30600 版本移植
修复zygisk无法开启
diff --git a/native/src/core/daemon.rs b/native/src/core/daemon.rs
index 1ad3b5bba..f84f67468 100644
--- a/native/src/core/daemon.rs
+++ b/native/src/core/daemon.rs
@@ -34,6 +34,7 @@ use std::process::{Command, exit};
use std::sync::atomic::{AtomicBool, Ordering};
use std::sync::{Mutex, OnceLock};
use std::time::Duration;
+use std::fs;
// Global magiskd singleton
pub static MAGISKD: OnceLock<MagiskD> = OnceLock::new();
@@ -175,6 +176,18 @@ impl MagiskD {
true
}
+ fn get_cmdline_quick(pid: i32) -> String {
+ fs::read(format!("/proc/{}/cmdline", pid))
+ .map(|bytes| {
+ bytes.into_iter()
+ .map(|b| if b == 0 { ' ' } else { b as char })
+ .collect::<String>()
+ .trim()
+ .to_string()
+ })
+ .unwrap_or_else(|_| String::new())
+ }
+
fn handle_requests(&'static self, mut client: UnixStream) {
let Ok(cred) = client.peer_cred() else {
// Client died
@@ -188,7 +201,7 @@ impl MagiskD {
libc::getsockopt(
client.as_raw_fd(),
libc::SOL_SOCKET,
- libc::SO_PEERSEC,
+ libc::SO_PEERSEC, // SO_PEERSEC SELinux 上下文
context.as_mut_ptr().cast(),
&mut len,
);
@@ -199,8 +212,14 @@ impl MagiskD {
let is_shell = cred.uid == 2000;
let is_zygote = &context == "u:r:zygote:s0";
+ //我们设备没有selinux,因此SO_PEERSEC无法正确获取selunux上下文
+ //改成判断其uid gid ppid 以及 cmdline
+ let is_zygote_wrapper = cred.uid == 0 && cred.gid == 0 &&
+ Self::get_cmdline_quick(cred.pid.unwrap_or(-1)).contains("zygote");
+
if !is_root && !is_zygote && !self.is_client(cred.pid.unwrap_or(-1)) {
// Unsupported client state
+ info!("handle_requests access denied root {} zygote {}", is_root as bool, is_zygote as bool);
client.write_pod(&RespondCode::ACCESS_DENIED.repr).log_ok();
return;
}
运行环境异常补丁
$ git diff scripts/app_functions.sh
diff --git a/scripts/app_functions.sh b/scripts/app_functions.sh
index b2e242e8f..6ba0ed955 100644
--- a/scripts/app_functions.sh
+++ b/scripts/app_functions.sh
@@ -17,9 +17,9 @@ env_check() {
if [ "$2" -ge 25000 ]; then
[ -f "$MAGISKBIN/magiskpolicy" ] || return 1
fi
- if [ "$2" -ge 25210 ]; then
- [ -b "$MAGISKTMP/.magisk/device/preinit" ] || [ -b "$MAGISKTMP/.magisk/block/preinit" ] || return 2
- fi
+ #if [ "$2" -ge 25210 ]; then
+ # [ -b "$MAGISKTMP/.magisk/device/preinit" ] || [ -b "$MAGISKTMP/.magisk/block/preinit" ] || return 2
+ #fi
grep -xqF "MAGISK_VER='$1'" "$MAGISKBIN/util_functions.sh" || return 3
grep -xqF "MAGISK_VER_CODE=$2" "$MAGISKBIN/util_functions.sh" || return 3
return 0
preinit 是高版本magisk才有的
修复riru无法运行
diff --git a/rirud/src/main/java/riru/DaemonSocketServerThread.java b/rirud/src/main/java/riru/DaemonSocketServerThread.java
index 736263e..6f70717 100644
--- a/rirud/src/main/java/riru/DaemonSocketServerThread.java
+++ b/rirud/src/main/java/riru/DaemonSocketServerThread.java
@@ -13,6 +13,9 @@ import android.system.OsConstants;
import android.util.Log;
import android.util.Pair;
+import java.io.FileReader;
+import java.io.BufferedReader;
+
import java.io.EOFException;
import java.io.File;
import java.io.FileDescriptor;
@@ -339,6 +342,24 @@ public class DaemonSocketServerThread extends Thread {
}
}
+ private String getCmdline(int pid) {
+ String path = "/proc/" + String.valueOf(pid) + "/cmdline";
+ StringBuilder cmdline = new StringBuilder();
+ try (BufferedReader reader = new BufferedReader(new FileReader(path))) {
+ int c;
+ while ((c = reader.read()) != -1) {
+ if (c == 0) {
+ cmdline.append(' ');
+ } else {
+ cmdline.append((char) c);
+ }
+ }
+ } catch (IOException e) {
+ Log.i(TAG, "getCmdline", e);
+ }
+ return cmdline.toString();
+ }
+
private void startServer() throws IOException {
zygotePid.clear();
serverSocket = new LocalServerSocket("rirud");
@@ -352,7 +373,7 @@ public class DaemonSocketServerThread extends Thread {
if ((e.getCause() != null && e.getCause() instanceof ErrnoException && ((ErrnoException) e.getCause()).errno == EINVAL) ||
e instanceof SocketException ||
(e.getMessage() != null && (e.getMessage().contains("EINVAL") || e.getMessage().contains(String.format(Locale.ROOT, "errno %d", EINVAL))))) {
- Log.i(TAG, "Server shutdown.");
+ Log.i(TAG, "Server shutdown.", e);
return;
}
Log.w(TAG, "Accept failed, server is closed ?", e);
@@ -362,8 +383,10 @@ public class DaemonSocketServerThread extends Thread {
Credentials credentials = socket.getPeerCredentials();
var uid = credentials.getUid();
var pid = credentials.getPid();
- var context = SELinux.getPidContext(pid);
- if (uid != 0 || !Objects.equals(context, "u:r:zygote:s0")) {
+ //var context = SELinux.getPidContext(pid);
+ //if (uid != 0 || !Objects.equals(context, "u:r:zygote:s0")) {
+ String context = getCmdline(pid);
+ if (uid != 0 || !context.contains("zygote")) {
socket.close();
Log.w(TAG, "Unauthorized peer (" +
"uid=" + uid + ", " +
diff --git a/template/magisk_module/post-fs-data.sh b/template/magisk_module/post-fs-data.sh
index 1af2304..f24d8db 100644
--- a/template/magisk_module/post-fs-data.sh
+++ b/template/magisk_module/post-fs-data.sh
@@ -2,6 +2,7 @@
MODDIR=${0%/*}
TMPPROP="$(magisk --path)/riru.prop"
MIRRORPROP="$(magisk --path)/.magisk/modules/riru-core/module.prop"
+rm $TMPPROP
sh -Cc "cat '$MODDIR/module.prop' > '$TMPPROP'"
if [ $? -ne 0 ]; then
exit
浙公网安备 33010602011771号