{
let path = Path::new(defs::METAMODULE_DIR);
// Check if symlink exists and resolve it
if path.is_symlink()
&& let Ok(target) = std::fs::read_link(path)
{
// If target is relative, resolve it
let resolved = if target.is_absolute() {
target
} else {
path.parent()?.join(target)
};
if resolved.exists() && resolved.is_dir() {
return Some(resolved);
}
warn!(
"Metamodule symlink points to non-existent path: {}",
resolved.display()
);
}
// Fallback: search for metamodule=1 in modules directory
let mut result = None;
let _ = crate::module::foreach_module(All, |module_path| {
if let Ok(props) = crate::module::read_module_prop(module_path)
&& is_metamodule(&props)
{
info!(
"Found metamodule in modules directory: {}",
module_path.display()
);
result = Some(module_path.to_path_buf());
}
Ok(())
});
result
}
/// Check if metamodule exists
pub fn has_metamodule() -> bool {
get_metamodule_path().is_some()
}
/// Check if it's safe to install a regular module
/// Returns Ok(()) if safe, Err(is_disabled) if blocked
/// - Err(true) means metamodule is disabled
/// - Err(false) means metamodule is in other unstable state
pub fn check_install_safety() -> Result<(), bool> {
// No metamodule → safe
let Some(metamodule_path) = get_metamodule_path() else {
return Ok(());
};
// No metainstall.sh → safe (uses default installer)
// The staged update directory may contain the latest scripts, so check both locations
let has_metainstall = metamodule_path
.join(defs::METAMODULE_METAINSTALL_SCRIPT)
.exists()
|| metamodule_path.file_name().is_some_and(|module_id| {
Path::new(defs::MODULE_UPDATE_DIR)
.join(module_id)
.join(defs::METAMODULE_METAINSTALL_SCRIPT)
.exists()
});
if !has_metainstall {
return Ok(());
}
// Check for marker files
let has_update = metamodule_path.join(defs::UPDATE_FILE_NAME).exists();
let has_remove = metamodule_path.join(defs::REMOVE_FILE_NAME).exists();
let has_disable = metamodule_path.join(defs::DISABLE_FILE_NAME).exists();
// Stable state (no markers) → safe
if !has_update && !has_remove && !has_disable {
return Ok(());
}
// Return true if disabled, false for other unstable states
Err(has_disable && !has_update && !has_remove)
}
/// Create or update the metamodule symlink
/// Points /data/adb/metamodule -> /data/adb/modules/{module_id}
pub fn ensure_symlink(module_path: P) -> Result<()>
where
P: AsRef,
{
// METAMODULE_DIR might have trailing slash, so we need to trim it
let symlink_path = Path::new(defs::METAMODULE_DIR.trim_end_matches('/'));
let module_path = module_path.as_ref();
info!(
"Creating metamodule symlink: {} -> {}",
symlink_path.display(),
module_path.display()
);
// Remove existing symlink if it exists
if symlink_path.exists() || symlink_path.is_symlink() {
info!("Removing old metamodule symlink/path");
if symlink_path.is_symlink() {
std::fs::remove_file(symlink_path).with_context(|| "Failed to remove old symlink")?;
} else {
// Could be a directory, remove it
std::fs::remove_dir_all(symlink_path)
.with_context(|| "Failed to remove old directory")?;
}
}
// Create symlink
#[cfg(unix)]
std::os::unix::fs::symlink(module_path, symlink_path)
.with_context(|| format!("Failed to create symlink to {}", module_path.display()))?;
info!("Metamodule symlink created successfully");
Ok(())
}
/// Remove the metamodule symlink
pub fn remove_symlink() -> Result<()> {
let symlink_path = Path::new(defs::METAMODULE_DIR.trim_end_matches('/'));
if symlink_path.is_symlink() {
std::fs::remove_file(symlink_path)
.with_context(|| "Failed to remove metamodule symlink")?;
info!("Metamodule symlink removed");
}
Ok(())
}
/// Get the install script content, using metainstall.sh from metamodule if available
/// Returns the script content to be executed
pub fn get_install_script(
is_metamodule: bool,
installer_content: &str,
install_module_script: &str,
) -> Result {
// Check if there's a metamodule with metainstall.sh
// Only apply this logic for regular modules (not when installing metamodule itself)
let install_script = if is_metamodule {
info!("Installing metamodule, using default installer");
install_module_script.to_string()
} else if let Some(metamodule_path) = get_metamodule_path() {
if metamodule_path.join(defs::DISABLE_FILE_NAME).exists() {
info!("Metamodule is disabled, using default installer");
install_module_script.to_string()
} else {
let metainstall_path = metamodule_path.join(defs::METAMODULE_METAINSTALL_SCRIPT);
if metainstall_path.exists() {
info!("Using metainstall.sh from metamodule");
let metamodule_content = std::fs::read_to_string(&metainstall_path)
.with_context(|| "Failed to read metamodule metainstall.sh")?;
format!("{installer_content}\n{metamodule_content}\nexit 0\n")
} else {
info!("Metamodule exists but has no metainstall.sh, using default installer");
install_module_script.to_string()
}
}
} else {
info!("No metamodule found, using default installer");
install_module_script.to_string()
};
Ok(install_script)
}
/// Check if metamodule script exists and is ready to execute
/// Returns None if metamodule doesn't exist, is disabled, or script is missing
/// Returns Some(script_path) if script is ready to execute
fn check_metamodule_script(script_name: &str) -> Option {
// Check if metamodule exists
let metamodule_path = get_metamodule_path()?;
// Check if metamodule is disabled
if metamodule_path.join(defs::DISABLE_FILE_NAME).exists() {
info!("Metamodule is disabled, skipping {script_name}");
return None;
}
// Check if script exists
let script_path = metamodule_path.join(script_name);
if !script_path.exists() {
return None;
}
Some(script_path)
}
/// Execute metamodule's metauninstall.sh for a specific module
pub fn exec_metauninstall_script(module_id: &str) -> Result<()> {
let Some(metauninstall_path) = check_metamodule_script(defs::METAMODULE_METAUNINSTALL_SCRIPT)
else {
return Ok(());
};
info!("Executing metamodule metauninstall.sh for module: {module_id}",);
let result = Command::new(assets::BUSYBOX_PATH)
.args(["sh", metauninstall_path.to_str().unwrap()])
.current_dir(metauninstall_path.parent().unwrap())
.envs(crate::module::get_common_script_envs())
.env("MODULE_ID", module_id)
.status()?;
ensure!(
result.success(),
"Metamodule metauninstall.sh failed for module {module_id}: {:?}",
result
);
info!("Metamodule metauninstall.sh executed successfully for {module_id}",);
Ok(())
}
/// Execute metamodule mount script
pub fn exec_mount_script(module_dir: &str) -> Result<()> {
let Some(mount_script) = check_metamodule_script(defs::METAMODULE_MOUNT_SCRIPT) else {
return Ok(());
};
info!("Executing mount script for metamodule");
let result = Command::new(assets::BUSYBOX_PATH)
.args(["sh", mount_script.to_str().unwrap()])
.envs(crate::module::get_common_script_envs())
.env("MODULE_DIR", module_dir)
.status()?;
ensure!(
result.success(),
"Metamodule mount script failed with status: {:?}",
result
);
info!("Metamodule mount script executed successfully");
Ok(())
}
/// Execute metamodule script for a specific stage
pub fn exec_stage_script(stage: &str, block: bool) -> Result<()> {
let Some(script_path) = check_metamodule_script(&format!("{stage}.sh")) else {
return Ok(());
};
info!("Executing metamodule {stage}.sh");
crate::module::exec_script(&script_path, block)?;
info!("Metamodule {stage}.sh executed successfully");
Ok(())
}
================================================
FILE: apd/src/module.rs
================================================
#[cfg(unix)]
use std::os::unix::{prelude::PermissionsExt, process::CommandExt};
use std::{
collections::HashMap,
env::var as env_var,
fs::{self, remove_dir_all},
io::Cursor,
path::{Path, PathBuf},
process::Command,
str::FromStr,
};
use crate::lua;
use anyhow::{Context, Result, anyhow, bail, ensure};
use const_format::concatcp;
use is_executable::is_executable;
use java_properties::PropertiesIter;
use log::{info, warn};
use zip_extensions::zip_extract_file_to_memory;
#[allow(clippy::wildcard_imports)]
use crate::utils::*;
use crate::{
assets,
defs::{self, MODULE_DIR, MODULE_UPDATE_DIR},
metamodule, restorecon,
};
const INSTALLER_CONTENT: &str = include_str!("./installer.sh");
const INSTALL_MODULE_SCRIPT: &str = concatcp!(
INSTALLER_CONTENT,
"\n",
"install_module",
"\n",
"exit 0",
"\n"
);
#[derive(PartialEq, Eq)]
pub enum ModuleType {
All,
Active,
Updated,
}
fn exec_install_script(module_file: &str, is_metamodule: bool) -> Result<()> {
let realpath = std::fs::canonicalize(module_file)
.with_context(|| format!("realpath: {module_file} failed"))?;
// Get install script from metamodule module
let install_script =
metamodule::get_install_script(is_metamodule, INSTALLER_CONTENT, INSTALL_MODULE_SCRIPT)?;
let result = Command::new(assets::BUSYBOX_PATH)
.args(["sh", "-c", &install_script])
.envs(get_common_script_envs())
.env("OUTFD", "1")
.env("ZIPFILE", realpath)
.status()?;
ensure!(result.success(), "Failed to install module script");
Ok(())
}
pub fn handle_updated_modules() -> Result<()> {
let modules_root = Path::new(MODULE_DIR);
foreach_module(ModuleType::Updated, |updated_module| {
if !updated_module.is_dir() {
return Ok(());
}
if let Some(name) = updated_module.file_name() {
let module_dir = modules_root.join(name);
let mut disabled = false;
let mut removed = false;
if module_dir.exists() {
// If the old module is disabled, we need to also disable the new one
disabled = module_dir.join(defs::DISABLE_FILE_NAME).exists();
removed = module_dir.join(defs::REMOVE_FILE_NAME).exists();
remove_dir_all(&module_dir)?;
}
std::fs::rename(updated_module, &module_dir)?;
if removed {
let path = module_dir.join(defs::REMOVE_FILE_NAME);
if let Err(e) = ensure_file_exists(&path) {
warn!("Failed to create {}: {e}", path.display());
}
} else if disabled {
let path = module_dir.join(defs::DISABLE_FILE_NAME);
if let Err(e) = ensure_file_exists(&path) {
warn!("Failed to create {}: {e}", path.display());
}
}
}
Ok(())
})?;
Ok(())
}
/// Get common environment variables for script execution
pub fn get_common_script_envs() -> Vec<(&'static str, String)> {
vec![
("ASH_STANDALONE", "1".to_string()),
("APATCH", "true".to_string()),
("APATCH_VER", defs::VERSION_NAME.to_string()),
("APATCH_VER_CODE", defs::VERSION_CODE.to_string()),
(
"PATH",
format!(
"{}:{}",
env_var("PATH").unwrap_or_default(),
defs::BINARY_DIR.trim_end_matches('/')
),
),
]
}
// because we use something like A-B update
// we need to update the module state after the boot_completed
// if someone(such as the module) install a module before the boot_completed
// then it may cause some problems, just forbid it
fn ensure_boot_completed() -> Result<()> {
// ensure getprop sys.boot_completed == 1
if getprop("sys.boot_completed").as_deref() != Some("1") {
bail!("Android is Booting!");
}
Ok(())
}
fn mark_update() -> Result<()> {
ensure_file_exists(concatcp!(defs::WORKING_DIR, defs::UPDATE_FILE_NAME))
}
fn mark_module_state(module: &str, flag_file: &str, create_or_delete: bool) -> Result<()> {
let module_state_file = Path::new(defs::MODULE_DIR).join(module).join(flag_file);
if create_or_delete {
ensure_file_exists(module_state_file)
} else {
if module_state_file.exists() {
fs::remove_file(module_state_file)?;
}
Ok(())
}
}
pub fn foreach_module(
module_type: ModuleType,
mut f: impl FnMut(&Path) -> Result<()>,
) -> Result<()> {
let modules_dir = Path::new(match module_type {
ModuleType::Updated => MODULE_UPDATE_DIR,
_ => defs::MODULE_DIR,
});
let dir = std::fs::read_dir(modules_dir)?;
for entry in dir.flatten() {
let path = entry.path();
if !path.is_dir() {
warn!("{} is not a directory, skip", path.display());
continue;
}
if module_type == ModuleType::Active && path.join(defs::DISABLE_FILE_NAME).exists() {
info!("{} is disabled, skip", path.display());
continue;
}
if module_type == ModuleType::Active && path.join(defs::REMOVE_FILE_NAME).exists() {
warn!("{} is removed, skip", path.display());
continue;
}
f(&path)?;
}
Ok(())
}
fn foreach_active_module(f: impl FnMut(&Path) -> Result<()>) -> Result<()> {
foreach_module(ModuleType::Active, f)
}
pub fn load_sepolicy_rule() -> Result<()> {
foreach_active_module(|path| {
let rule_file = path.join("sepolicy.rule");
if !rule_file.exists() {
return Ok(());
}
info!("load policy: {}", &rule_file.display());
Command::new(assets::MAGISKPOLICY_PATH)
.arg("--live")
.arg("--apply")
.arg(&rule_file)
.status()
.with_context(|| format!("Failed to exec {}", rule_file.display()))?;
Ok(())
})?;
Ok(())
}
pub fn exec_script>(path: T, wait: bool) -> Result<()> {
info!("exec {}", path.as_ref().display());
let mut command = &mut Command::new(assets::BUSYBOX_PATH);
#[cfg(unix)]
{
command = command.process_group(0);
command = unsafe {
command.pre_exec(|| {
// ignore the error?
switch_cgroups();
Ok(())
})
};
}
command = command
.current_dir(path.as_ref().parent().unwrap())
.arg("sh")
.arg(path.as_ref())
.env("ASH_STANDALONE", "1")
.env("APATCH", "true")
.env("APATCH_VER", defs::VERSION_NAME)
.env("APATCH_VER_CODE", defs::VERSION_CODE)
.env(
"PATH",
format!(
"{}:{}",
env_var("PATH")?,
defs::BINARY_DIR.trim_end_matches('/')
),
);
let result = if wait {
command.status().map(|_| ())
} else {
command.spawn().map(|_| ())
};
result.map_err(|err| anyhow!("Failed to exec {}: {}", path.as_ref().display(), err))
}
pub fn exec_stage_script(stage: &str, block: bool) -> Result<()> {
foreach_active_module(|module| {
let script_path = module.join(format!("{stage}.sh"));
if !script_path.exists() {
return Ok(());
}
exec_script(&script_path, block)
})?;
Ok(())
}
pub fn exec_common_scripts(dir: &str, wait: bool) -> Result<()> {
let script_dir = Path::new(defs::ADB_DIR).join(dir);
if !script_dir.exists() {
info!("{} not exists, skip", script_dir.display());
return Ok(());
}
let dir = fs::read_dir(&script_dir)?;
for entry in dir.flatten() {
let path = entry.path();
if !is_executable(&path) {
warn!("{} is not executable, skip", path.display());
continue;
}
exec_script(path, wait)?;
}
Ok(())
}
pub fn load_system_prop() -> Result<()> {
foreach_active_module(|module| {
let system_prop = module.join("system.prop");
if !system_prop.exists() {
return Ok(());
}
info!("load {} system.prop", module.display());
// resetprop -n --file system.prop
Command::new(assets::RESETPROP_PATH)
.arg("-n")
.arg("--file")
.arg(&system_prop)
.status()
.with_context(|| format!("Failed to exec {}", system_prop.display()))?;
Ok(())
})?;
Ok(())
}
pub fn prune_modules() -> Result<()> {
foreach_module(ModuleType::All, |module| {
fs::remove_file(module.join(defs::UPDATE_FILE_NAME)).ok();
if !module.join(defs::REMOVE_FILE_NAME).exists() {
return Ok(());
}
info!("remove module: {}", module.display());
// Execute metamodule's metauninstall.sh first
let module_id = module.file_name().and_then(|n| n.to_str()).unwrap_or("");
// Check if this is a metamodule
let is_metamodule = read_module_prop(module)
.map(|props| metamodule::is_metamodule(&props))
.unwrap_or(false);
if is_metamodule {
info!("Removing metamodule symlink");
if let Err(e) = metamodule::remove_symlink() {
warn!("Failed to remove metamodule symlink: {e}");
}
} else if let Err(e) = metamodule::exec_metauninstall_script(module_id) {
warn!("Failed to exec metamodule uninstall for {module_id}: {e}",);
}
// Then execute module's own uninstall.sh
let uninstaller = module.join("uninstall.sh");
if uninstaller.exists()
&& let Err(e) = exec_script(uninstaller, true)
{
warn!("Failed to exec uninstaller: {e}");
}
// Finally remove the module directory
if let Err(e) = remove_dir_all(module) {
warn!("Failed to remove {}: {e}", module.display());
}
Ok(())
})?;
// collect remaining modules, if none, clean up metamodule record
let remaining_modules: Vec<_> = std::fs::read_dir(defs::MODULE_DIR)?
.filter_map(std::result::Result::ok)
.filter(|entry| entry.path().join("module.prop").exists())
.collect();
if remaining_modules.is_empty() {
info!("no remaining modules.");
}
Ok(())
}
fn _install_module(zip: &str) -> Result<()> {
ensure_boot_completed()?;
// print banner
println!(include_str!("banner"));
assets::ensure_binaries().with_context(|| "binary missing")?;
// first check if workding dir is usable
ensure_dir_exists(defs::WORKING_DIR).with_context(|| "Failed to create working dir")?;
ensure_dir_exists(defs::BINARY_DIR).with_context(|| "Failed to create bin dir")?;
// read the module_id from zip
let mut buffer: Vec = Vec::new();
let entry_path = PathBuf::from_str("module.prop")?;
let zip_path = PathBuf::from_str(zip)?;
let zip_path = zip_path.canonicalize()?;
zip_extract_file_to_memory(&zip_path, &entry_path, &mut buffer)?;
let mut module_prop = HashMap::new();
PropertiesIter::new_with_encoding(Cursor::new(buffer), encoding_rs::UTF_8).read_into(
|k, v| {
module_prop.insert(k, v);
},
)?;
info!("module prop: {:?}", module_prop);
let Some(module_id) = module_prop.get("id") else {
bail!("module id not found in module.prop!");
};
let module_id = module_id.trim();
// Check if this module is a metamodule
let is_metamodule = metamodule::is_metamodule(&module_prop);
// Check if module needs mounting (has system/ dir and no skip_mount file)
let needs_mount = {
let zip_file = fs::File::open(&zip_path)?;
let archive = zip::ZipArchive::new(zip_file)?;
let has_system = archive.file_names().any(|name| name.starts_with("system/"));
let has_skip_mount = archive.file_names().any(|name| name == "skip_mount");
has_system && !has_skip_mount
};
// Check if it's safe to install regular module
if !is_metamodule && needs_mount && let Err(is_disabled) = metamodule::check_install_safety() {
println!("\n❌ Installation Blocked");
println!("┌────────────────────────────────");
println!("│ A metamodule with custom installer is active");
println!("│");
if is_disabled {
println!("│ Current state: Disabled");
println!("│ Action required: Re-enable or uninstall it, then reboot");
} else {
println!("│ Current state: Pending changes");
println!("│ Action required: Reboot to apply changes first");
}
println!("└─────────────────────────────────\n");
bail!("Metamodule installation blocked");
}
let modules_dir = Path::new(defs::MODULE_DIR);
let modules_update_dir = Path::new(defs::MODULE_UPDATE_DIR);
if !Path::new(modules_dir).exists() {
fs::create_dir(modules_dir).expect("Failed to create modules folder");
let permissions = fs::Permissions::from_mode(0o700);
fs::set_permissions(modules_dir, permissions).expect("Failed to set permissions");
}
if is_metamodule {
info!("Installing metamodule: {module_id}");
// Check if there's already a metamodule installed
if metamodule::has_metamodule()
&& let Some(existing_path) = metamodule::get_metamodule_path()
{
let existing_id = read_module_prop(&existing_path)
.ok()
.and_then(|m| m.get("id").cloned())
.unwrap_or_else(|| "unknown".to_string());
if existing_id != module_id {
println!("\n❌ Installation Failed");
println!("┌────────────────────────────────");
println!("│ A metamodule is already installed");
println!("│ Current metamodule: {existing_id}");
println!("│");
println!("│ Only one metamodule can be active at a time.");
println!("│");
println!("│ To install this metamodule:");
println!("│ 1. Uninstall the current metamodule");
println!("│ 2. Reboot your device");
println!("│ 3. Install the new metamodule");
println!("└─────────────────────────────────\n");
bail!("Cannot install multiple metamodules");
}
}
}
let module_dir = format!("{}{}", modules_dir.display(), module_id);
let _module_update_dir = format!("{}{}", modules_update_dir.display(), module_id);
info!("module dir: {}", module_dir);
if !Path::new(&module_dir.clone()).exists() {
fs::create_dir(&module_dir.clone()).expect("Failed to create module folder");
let permissions = fs::Permissions::from_mode(0o700);
fs::set_permissions(module_dir.clone(), permissions).expect("Failed to set permissions");
}
// unzip the image and move it to modules_update/ dir
let file = fs::File::open(zip)?;
let mut archive = zip::ZipArchive::new(file)?;
archive.extract(&_module_update_dir)?;
println!("- Running module installer");
exec_install_script(zip, is_metamodule)?;
// set permission and selinux context for $MOD/system
let module_system_dir = PathBuf::from(module_dir.clone()).join("system");
if module_system_dir.exists() {
#[cfg(unix)]
fs::set_permissions(&module_system_dir, fs::Permissions::from_mode(0o755))?;
restorecon::restore_syscon(&module_system_dir)?;
}
// Create symlink for metamodule
if is_metamodule {
println!("- Creating metamodule symlink");
metamodule::ensure_symlink(&module_dir)?;
}
mark_update()?;
Ok(())
}
pub fn install_module(zip: &str) -> Result<()> {
let result = _install_module(zip);
result
}
pub fn _uninstall_module(id: &str, update_dir: &str) -> Result<()> {
let dir = Path::new(update_dir);
ensure!(dir.exists(), "No module installed");
// iterate the modules_update dir, find the module to be removed
let dir = fs::read_dir(dir)?;
for entry in dir.flatten() {
let path = entry.path();
let module_prop = path.join("module.prop");
if !module_prop.exists() {
continue;
}
let content = fs::read(module_prop)?;
let mut module_id: String = String::new();
PropertiesIter::new_with_encoding(Cursor::new(content), encoding_rs::UTF_8).read_into(
|k, v| {
if k.eq("id") {
module_id = v;
}
},
)?;
if module_id.eq(id) {
let remove_file = path.join(defs::REMOVE_FILE_NAME);
fs::File::create(remove_file).with_context(|| "Failed to create remove file.")?;
break;
}
}
// santity check
let target_module_path = format!("{update_dir}/{id}");
let target_module = Path::new(&target_module_path);
if target_module.exists() {
let remove_file = target_module.join(defs::REMOVE_FILE_NAME);
if !remove_file.exists() {
fs::File::create(remove_file).with_context(|| "Failed to create remove file.")?;
}
}
let _ = mark_module_state(id, defs::REMOVE_FILE_NAME, true);
Ok(())
}
pub fn uninstall_module(id: &str) -> Result<()> {
_uninstall_module(id, defs::MODULE_DIR)?;
mark_update()?;
Ok(())
}
/// Read module.prop from the given module path and return as a HashMap
pub fn read_module_prop(module_path: &Path) -> Result> {
let module_prop = module_path.join("module.prop");
ensure!(
module_prop.exists(),
"module.prop not found in {}",
module_path.display()
);
let content = std::fs::read(&module_prop)
.with_context(|| format!("Failed to read module.prop: {}", module_prop.display()))?;
let mut prop_map: HashMap = HashMap::new();
PropertiesIter::new_with_encoding(Cursor::new(content), encoding_rs::UTF_8)
.read_into(|k, v| {
prop_map.insert(k, v);
})
.with_context(|| format!("Failed to parse module.prop: {}", module_prop.display()))?;
Ok(prop_map)
}
pub fn run_action(id: &str) -> Result<()> {
let action_script_path = format!("/data/adb/modules/{}/action.sh", id);
if Path::new(&action_script_path).exists() {
let _ = exec_script(&action_script_path, true);
} else {
//if no action.sh, try to run lua action
lua::run_lua(&id, "action", false, true).map_err(|e| anyhow::anyhow!("{}", e))?;
}
Ok(())
}
fn _change_module_state(module_dir: &str, mid: &str, enable: bool) -> Result<()> {
let src_module_path = format!("{module_dir}/{mid}");
let src_module = Path::new(&src_module_path);
ensure!(src_module.exists(), "module: {} not found!", mid);
let disable_path = src_module.join(defs::DISABLE_FILE_NAME);
if enable {
if disable_path.exists() {
fs::remove_file(&disable_path).with_context(|| {
format!("Failed to remove disable file: {}", &disable_path.display())
})?;
}
} else {
ensure_file_exists(disable_path)?;
}
let _ = mark_module_state(mid, defs::DISABLE_FILE_NAME, !enable);
Ok(())
}
pub fn _enable_module(id: &str, update_dir: &Path) -> Result<()> {
if let Some(module_dir_str) = update_dir.to_str() {
_change_module_state(module_dir_str, id, true)
} else {
info!("Enable module failed: Invalid path");
Err(anyhow::anyhow!("Invalid module directory"))
}
}
pub fn enable_module(id: &str) -> Result<()> {
let update_dir = Path::new(defs::MODULE_DIR);
_enable_module(id, update_dir)?;
Ok(())
}
pub fn _disable_module(id: &str, update_dir: &Path) -> Result<()> {
if let Some(module_dir_str) = update_dir.to_str() {
_change_module_state(module_dir_str, id, false)
} else {
info!("Disable module failed: Invalid path");
Err(anyhow::anyhow!("Invalid module directory"))
}
}
pub fn disable_module(id: &str) -> Result<()> {
let module_dir = Path::new(defs::MODULE_DIR);
_disable_module(id, module_dir)?;
Ok(())
}
pub fn _disable_all_modules(dir: &str) -> Result<()> {
let dir = fs::read_dir(dir)?;
for entry in dir.flatten() {
let path = entry.path();
let disable_flag = path.join(defs::DISABLE_FILE_NAME);
if let Err(e) = ensure_file_exists(disable_flag) {
warn!("Failed to disable module: {}: {}", path.display(), e);
}
}
Ok(())
}
pub fn disable_all_modules() -> Result<()> {
// Skip disabling modules since boot completed
if getprop("sys.boot_completed").as_deref() == Some("1") {
info!("System boot completed, no need to disable all modules");
return Ok(());
}
mark_update()?;
_disable_all_modules(defs::MODULE_DIR)?;
Ok(())
}
fn _list_modules(path: &str) -> Vec> {
// first check enabled modules
let dir = fs::read_dir(path);
let Ok(dir) = dir else {
return Vec::new();
};
let mut modules: Vec> = Vec::new();
for entry in dir.flatten() {
let path = entry.path();
info!("path: {}", path.display());
let module_prop = path.join("module.prop");
if !module_prop.exists() {
continue;
}
let content = fs::read(&module_prop);
let Ok(content) = content else {
warn!("Failed to read file: {}", module_prop.display());
continue;
};
let mut module_prop_map: HashMap = HashMap::new();
let encoding = encoding_rs::UTF_8;
let result =
PropertiesIter::new_with_encoding(Cursor::new(content), encoding).read_into(|k, v| {
module_prop_map.insert(k, v);
});
if !module_prop_map.contains_key("id") || module_prop_map["id"].is_empty() {
match entry.file_name().to_str() {
Some(id) => {
info!("Use dir name as module id: {}", id);
module_prop_map.insert("id".to_owned(), id.to_owned());
}
_ => {
info!("Failed to get module id: {:?}", module_prop);
continue;
}
}
}
// Add enabled, update, remove flags
let enabled = !path.join(defs::DISABLE_FILE_NAME).exists();
let update = path.join(defs::UPDATE_FILE_NAME).exists();
let remove = path.join(defs::REMOVE_FILE_NAME).exists();
let web = path.join(defs::MODULE_WEB_DIR).exists();
let id = module_prop_map.get("id").map(|s| s.as_str()).unwrap_or("");
let id_lua_file = format!("{}.lua", id);
let action = path.join(defs::MODULE_ACTION_SH).exists() || path.join(&id_lua_file).exists();
module_prop_map.insert("enabled".to_owned(), enabled.to_string());
module_prop_map.insert("update".to_owned(), update.to_string());
module_prop_map.insert("remove".to_owned(), remove.to_string());
module_prop_map.insert("web".to_owned(), web.to_string());
module_prop_map.insert("action".to_owned(), action.to_string());
if result.is_err() {
warn!("Failed to parse module.prop: {}", module_prop.display());
continue;
}
modules.push(module_prop_map);
}
modules
}
pub fn list_modules() -> Result<()> {
let modules = _list_modules(defs::MODULE_DIR);
println!("{}", serde_json::to_string_pretty(&modules)?);
Ok(())
}
================================================
FILE: apd/src/package.rs
================================================
use std::{
fs::File,
io::{self, BufRead},
path::Path,
thread,
time::Duration,
};
use log::{info, warn};
use serde::{Deserialize, Serialize};
#[derive(Deserialize, Serialize, Clone)]
pub struct PackageConfig {
pub pkg: String,
pub exclude: i32,
pub allow: i32,
pub uid: i32,
pub to_uid: i32,
pub sctx: String,
}
pub fn read_ap_package_config() -> Vec {
let max_retry = 5;
for _ in 0..max_retry {
let file = match File::open("/data/adb/ap/package_config") {
Ok(file) => file,
Err(e) => {
warn!("Error opening file: {}", e);
thread::sleep(Duration::from_secs(1));
continue;
}
};
let mut reader = csv::Reader::from_reader(file);
let mut package_configs = Vec::new();
let mut success = true;
for record in reader.deserialize() {
match record {
Ok(config) => package_configs.push(config),
Err(e) => {
warn!("Error deserializing record: {}", e);
success = false;
break;
}
}
}
if success {
return package_configs;
}
thread::sleep(Duration::from_secs(1));
}
Vec::new()
}
pub fn write_ap_package_config(package_configs: &[PackageConfig]) -> io::Result<()> {
let max_retry = 5;
for _ in 0..max_retry {
let temp_path = "/data/adb/ap/package_config.tmp";
let file = match File::create(temp_path) {
Ok(file) => file,
Err(e) => {
warn!("Error creating temp file: {}", e);
thread::sleep(Duration::from_secs(1));
continue;
}
};
let mut writer = csv::Writer::from_writer(file);
let mut success = true;
for config in package_configs {
if let Err(e) = writer.serialize(config) {
warn!("Error serializing record: {}", e);
success = false;
break;
}
}
if !success {
thread::sleep(Duration::from_secs(1));
continue;
}
if let Err(e) = writer.flush() {
warn!("Error flushing writer: {}", e);
thread::sleep(Duration::from_secs(1));
continue;
}
if let Err(e) = std::fs::rename(temp_path, "/data/adb/ap/package_config") {
warn!("Error renaming temp file: {}", e);
thread::sleep(Duration::from_secs(1));
continue;
}
return Ok(());
}
Err(io::Error::new(
io::ErrorKind::Other,
"Failed after max retries",
))
}
fn read_lines(filename: P) -> io::Result>>
where
P: AsRef,
{
File::open(filename).map(|file| io::BufReader::new(file).lines())
}
pub fn synchronize_package_uid() -> io::Result<()> {
info!("[synchronize_package_uid] Start synchronizing root list with system packages...");
let max_retry = 5;
for _ in 0..max_retry {
match read_lines("/data/system/packages.list") {
Ok(lines) => {
let lines: Vec<_> = lines.filter_map(|line| line.ok()).collect();
let mut package_configs = read_ap_package_config();
let system_packages: Vec = lines
.iter()
.filter_map(|line| line.split_whitespace().next())
.map(|pkg| pkg.to_string())
.collect();
let original_len = package_configs.len();
package_configs.retain(|config| system_packages.contains(&config.pkg));
let removed_count = original_len - package_configs.len();
if removed_count > 0 {
info!(
"Removed {} uninstalled package configurations",
removed_count
);
}
let mut updated = false;
for line in &lines {
let words: Vec<&str> = line.split_whitespace().collect();
if words.len() >= 2 {
let pkg_name = words[0];
if let Ok(uid) = words[1].parse::() {
for config in package_configs
.iter_mut()
.filter(|config| config.pkg == pkg_name)
{
if config.uid % 100000 != uid % 100000 {
let new_uid = config.uid / 100000 * 100000 + uid % 100000;
info!(
"Updating uid for package {}: {} -> {}",
pkg_name, config.uid, new_uid
);
config.uid = new_uid;
updated = true;
}
}
} else {
warn!("Error parsing uid: {}", words[1]);
}
}
}
if updated || removed_count > 0 {
write_ap_package_config(&package_configs)?;
}
return Ok(());
}
Err(e) => {
warn!("Error reading packages.list: {}", e);
thread::sleep(Duration::from_secs(1));
}
}
}
Err(io::Error::new(
io::ErrorKind::Other,
"Failed after max retries",
))
}
================================================
FILE: apd/src/pty.rs
================================================
use std::{
ffi::c_int,
fs::File,
io::{Read, Write, stderr, stdin, stdout},
mem::MaybeUninit,
os::fd::{AsFd, AsRawFd, OwnedFd, RawFd},
process::exit,
ptr::null_mut,
sync::Mutex,
thread,
};
use anyhow::{Ok, Result, bail};
use libc::{
__errno, EINTR, SIG_BLOCK, SIG_UNBLOCK, SIGWINCH, TIOCGWINSZ, TIOCSWINSZ, fork,
pthread_sigmask, sigaddset, sigemptyset, sigset_t, sigwait, waitpid, winsize,
};
use rustix::{
fs::{Mode, OFlags, open},
io::dup,
ioctl::{Getter, Opcode, ioctl, opcode},
process::setsid,
pty::{grantpt, unlockpt},
stdio::{dup2_stderr, dup2_stdin, dup2_stdout},
termios::{OptionalActions, Termios, isatty, tcgetattr, tcsetattr},
};
use crate::{defs::PTS_NAME, utils::get_tmp_path};
// https://github.com/topjohnwu/Magisk/blob/5627053b7481618adfdf8fa3569b48275589915b/native/src/core/su/pts.cpp
fn get_pty_num(fd: F) -> Result {
// TIOCGPTN: Get the PTY number
const TIOCGPTN: Opcode = opcode::read::(b'T', 0x30);
Ok(unsafe {
let tiocgptn = Getter::::new();
ioctl(fd, tiocgptn)?
})
}
static OLD_STDIN: Mutex> = Mutex::new(None);
fn watch_sigwinch_async(slave: RawFd) {
let mut winch = MaybeUninit::::uninit();
unsafe {
sigemptyset(winch.as_mut_ptr());
sigaddset(winch.as_mut_ptr(), SIGWINCH);
pthread_sigmask(SIG_BLOCK, winch.as_mut_ptr(), null_mut());
}
thread::spawn(move || unsafe {
let mut winch = MaybeUninit::::uninit();
sigemptyset(winch.as_mut_ptr());
sigaddset(winch.as_mut_ptr(), SIGWINCH);
pthread_sigmask(SIG_UNBLOCK, winch.as_mut_ptr(), null_mut());
let mut sig: c_int = 0;
loop {
let mut w = MaybeUninit::::uninit();
if libc::ioctl(1, TIOCGWINSZ, w.as_mut_ptr()) < 0 {
continue;
}
libc::ioctl(slave, TIOCSWINSZ, w.as_mut_ptr());
if sigwait(winch.as_mut_ptr(), &mut sig) != 0 {
break;
}
}
});
}
fn set_stdin_raw() -> rustix::io::Result<()> {
let mut termios = tcgetattr(stdin())?;
let mut guard = OLD_STDIN.lock().unwrap();
*guard = Some(termios.clone());
drop(guard);
termios.make_raw();
tcsetattr(stdin(), OptionalActions::Flush, &termios)
}
fn restore_stdin() -> Result<()> {
let mut guard = OLD_STDIN.lock().unwrap();
if let Some(original_termios) = guard.take() {
tcsetattr(stdin(), OptionalActions::Flush, &original_termios)?;
}
Ok(())
}
fn pump(mut from: R, mut to: W) {
let mut buf = [0u8; 4096];
loop {
match from.read(&mut buf) {
Result::Ok(len) => {
if len == 0 {
return;
}
if to.write_all(&buf[0..len]).is_err() {
return;
}
if to.flush().is_err() {
return;
}
}
Err(_) => {
return;
}
}
}
}
fn pump_stdin_async(mut ptmx: File) {
let _ = set_stdin_raw();
thread::spawn(move || {
let mut stdin = stdin();
pump(&mut stdin, &mut ptmx);
});
}
fn pump_stdout_blocking(mut ptmx: File) {
let mut stdout = stdout();
pump(&mut ptmx, &mut stdout);
let _ = restore_stdin();
}
fn create_transfer(ptmx: OwnedFd) -> Result<()> {
let pid = unsafe { fork() };
match pid {
d if d < 0 => bail!("fork"),
0 => return Ok(()),
_ => {}
}
let ptmx_r = ptmx;
let ptmx_w = dup(&ptmx_r)?;
let ptmx_r = File::from(ptmx_r);
let ptmx_w = File::from(ptmx_w);
watch_sigwinch_async(ptmx_w.as_raw_fd());
pump_stdin_async(ptmx_r);
pump_stdout_blocking(ptmx_w);
let mut status: c_int = -1;
unsafe {
loop {
if waitpid(pid, &mut status, 0) == -1 && *__errno() != EINTR {
continue;
}
break;
}
}
exit(status)
}
pub fn prepare_pty() -> Result<()> {
let tty_in = isatty(stdin());
let tty_out = isatty(stdout());
let tty_err = isatty(stderr());
if !tty_in && !tty_out && !tty_err {
return Ok(());
}
let mut pts_path = format!("{}/{}", get_tmp_path(), PTS_NAME);
if !std::path::Path::new(&pts_path).exists() {
pts_path = "/dev/pts".to_string();
}
let ptmx_path = format!("{}/ptmx", pts_path);
let ptmx_fd = open(ptmx_path, OFlags::RDWR, Mode::empty())?;
grantpt(&ptmx_fd)?;
unlockpt(&ptmx_fd)?;
let pty_num = get_pty_num(&ptmx_fd)?;
create_transfer(ptmx_fd)?;
setsid()?;
let pty_fd = open(format!("{pts_path}/{pty_num}"), OFlags::RDWR, Mode::empty())?;
if tty_in {
dup2_stdin(&pty_fd)?;
}
if tty_out {
dup2_stdout(&pty_fd)?;
}
if tty_err {
dup2_stderr(&pty_fd)?;
}
Ok(())
}
================================================
FILE: apd/src/restorecon.rs
================================================
use std::path::Path;
use anyhow::Result;
#[cfg(any(target_os = "linux", target_os = "android"))]
use anyhow::{Context, Ok};
#[cfg(any(target_os = "linux", target_os = "android"))]
use extattr::{Flags as XattrFlags, lsetxattr};
use jwalk::{Parallelism::Serial, WalkDir};
use crate::defs;
pub const SYSTEM_CON: &str = "u:object_r:system_file:s0";
pub const ADB_CON: &str = "u:object_r:adb_data_file:s0";
pub const UNLABEL_CON: &str = "u:object_r:unlabeled:s0";
const SELINUX_XATTR: &str = "security.selinux";
pub fn lsetfilecon>(path: P, con: &str) -> Result<()> {
#[cfg(any(target_os = "linux", target_os = "android"))]
lsetxattr(&path, SELINUX_XATTR, con, XattrFlags::empty()).with_context(|| {
format!(
"Failed to change SELinux context for {}",
path.as_ref().display()
)
})?;
Ok(())
}
#[cfg(any(target_os = "linux", target_os = "android"))]
pub fn lgetfilecon>(path: P) -> Result {
let con = extattr::lgetxattr(&path, SELINUX_XATTR).with_context(|| {
format!(
"Failed to get SELinux context for {}",
path.as_ref().display()
)
})?;
let con = String::from_utf8_lossy(&con);
Ok(con.to_string())
}
#[cfg(any(target_os = "linux", target_os = "android"))]
pub fn setsyscon>(path: P) -> Result<()> {
lsetfilecon(path, SYSTEM_CON)
}
#[cfg(not(any(target_os = "linux", target_os = "android")))]
pub fn setsyscon>(path: P) -> Result<()> {
unimplemented!()
}
#[cfg(not(any(target_os = "linux", target_os = "android")))]
pub fn lgetfilecon>(path: P) -> Result {
unimplemented!()
}
pub fn restore_syscon>(dir: P) -> Result<()> {
for dir_entry in WalkDir::new(dir).parallelism(Serial) {
if let Some(path) = dir_entry.ok().map(|dir_entry| dir_entry.path()) {
setsyscon(&path)?;
}
}
Ok(())
}
fn restore_syscon_if_unlabeled>(dir: P) -> Result<()> {
for dir_entry in WalkDir::new(dir).parallelism(Serial) {
if let Some(path) = dir_entry.ok().map(|dir_entry| dir_entry.path()) {
if let Result::Ok(con) = lgetfilecon(&path) {
if con == UNLABEL_CON || con.is_empty() {
lsetfilecon(&path, SYSTEM_CON)?;
}
}
}
}
Ok(())
}
pub fn restorecon() -> Result<()> {
lsetfilecon(defs::DAEMON_PATH, ADB_CON)?;
restore_syscon_if_unlabeled(defs::MODULE_DIR)?;
Ok(())
}
================================================
FILE: apd/src/sepolicy.rs
================================================
use std::{ffi, path::Path, vec};
use anyhow::{Result, bail};
use derive_new::new;
use nom::{
AsChar, IResult, Parser,
branch::alt,
bytes::complete::{tag, take_while, take_while_m_n, take_while1},
character::complete::{space0, space1},
combinator::map,
};
type SeObject<'a> = Vec<&'a str>;
fn is_sepolicy_char(c: char) -> bool {
c.is_alphanum() || c == '_' || c == '-'
}
fn parse_single_word(input: &str) -> IResult<&str, &str> {
take_while1(is_sepolicy_char).parse(input)
}
fn parse_bracket_objs(input: &str) -> IResult<&str, SeObject<'_>> {
let (input, (_, words, _)) = (
tag("{"),
take_while_m_n(1, 100, |c: char| is_sepolicy_char(c) || c.is_whitespace()),
tag("}"),
)
.parse(input)?;
Ok((input, words.split_whitespace().collect()))
}
fn parse_single_obj(input: &str) -> IResult<&str, SeObject<'_>> {
let (input, word) = take_while1(is_sepolicy_char).parse(input)?;
Ok((input, vec![word]))
}
fn parse_star(input: &str) -> IResult<&str, SeObject<'_>> {
let (input, _) = tag("*").parse(input)?;
Ok((input, vec!["*"]))
}
// 1. a single sepolicy word
// 2. { obj1 obj2 obj3 ...}
// 3. *
fn parse_seobj(input: &str) -> IResult<&str, SeObject<'_>> {
let (input, strs) = alt((parse_single_obj, parse_bracket_objs, parse_star)).parse(input)?;
Ok((input, strs))
}
fn parse_seobj_no_star(input: &str) -> IResult<&str, SeObject<'_>> {
let (input, strs) = alt((parse_single_obj, parse_bracket_objs)).parse(input)?;
Ok((input, strs))
}
trait SeObjectParser<'a> {
fn parse(input: &'a str) -> IResult<&'a str, Self>
where
Self: Sized;
}
#[derive(Debug, PartialEq, Eq, new)]
struct NormalPerm<'a> {
op: &'a str,
source: SeObject<'a>,
target: SeObject<'a>,
class: SeObject<'a>,
perm: SeObject<'a>,
}
#[derive(Debug, PartialEq, Eq, new)]
struct XPerm<'a> {
op: &'a str,
source: SeObject<'a>,
target: SeObject<'a>,
class: SeObject<'a>,
operation: &'a str,
perm_set: &'a str,
}
#[derive(Debug, PartialEq, Eq, new)]
struct TypeState<'a> {
op: &'a str,
stype: SeObject<'a>,
}
#[derive(Debug, PartialEq, Eq, new)]
struct TypeAttr<'a> {
stype: SeObject<'a>,
sattr: SeObject<'a>,
}
#[derive(Debug, PartialEq, Eq, new)]
struct Type<'a> {
name: &'a str,
attrs: SeObject<'a>,
}
#[derive(Debug, PartialEq, Eq, new)]
struct Attr<'a> {
name: &'a str,
}
#[derive(Debug, PartialEq, Eq, new)]
struct TypeTransition<'a> {
source: &'a str,
target: &'a str,
class: &'a str,
default_type: &'a str,
object_name: Option<&'a str>,
}
#[derive(Debug, PartialEq, Eq, new)]
struct TypeChange<'a> {
op: &'a str,
source: &'a str,
target: &'a str,
class: &'a str,
default_type: &'a str,
}
#[derive(Debug, PartialEq, Eq, new)]
struct GenFsCon<'a> {
fs_name: &'a str,
partial_path: &'a str,
fs_context: &'a str,
}
#[derive(Debug)]
enum PolicyStatement<'a> {
// "allow *source_type *target_type *class *perm_set"
// "deny *source_type *target_type *class *perm_set"
// "auditallow *source_type *target_type *class *perm_set"
// "dontaudit *source_type *target_type *class *perm_set"
NormalPerm(NormalPerm<'a>),
// "allowxperm *source_type *target_type *class operation xperm_set"
// "auditallowxperm *source_type *target_type *class operation xperm_set"
// "dontauditxperm *source_type *target_type *class operation xperm_set"
XPerm(XPerm<'a>),
// "permissive ^type"
// "enforce ^type"
TypeState(TypeState<'a>),
// "type type_name ^(attribute)"
Type(Type<'a>),
// "typeattribute ^type ^attribute"
TypeAttr(TypeAttr<'a>),
// "attribute ^attribute"
Attr(Attr<'a>),
// "type_transition source_type target_type class default_type (object_name)"
TypeTransition(TypeTransition<'a>),
// "type_change source_type target_type class default_type"
// "type_member source_type target_type class default_type"
TypeChange(TypeChange<'a>),
// "genfscon fs_name partial_path fs_context"
GenFsCon(GenFsCon<'a>),
}
impl<'a> SeObjectParser<'a> for NormalPerm<'a> {
fn parse(input: &'a str) -> IResult<&'a str, Self> {
let (input, op) = alt((
tag("allow"),
tag("deny"),
tag("auditallow"),
tag("dontaudit"),
))
.parse(input)?;
let (input, _) = space0(input)?;
let (input, source) = parse_seobj(input)?;
let (input, _) = space0(input)?;
let (input, target) = parse_seobj(input)?;
let (input, _) = space0(input)?;
let (input, class) = parse_seobj(input)?;
let (input, _) = space0(input)?;
let (input, perm) = parse_seobj(input)?;
Ok((input, NormalPerm::new(op, source, target, class, perm)))
}
}
impl<'a> SeObjectParser<'a> for XPerm<'a> {
fn parse(input: &'a str) -> IResult<&'a str, Self> {
let (input, op) = alt((
tag("allowxperm"),
tag("auditallowxperm"),
tag("dontauditxperm"),
))
.parse(input)?;
let (input, _) = space0(input)?;
let (input, source) = parse_seobj(input)?;
let (input, _) = space0(input)?;
let (input, target) = parse_seobj(input)?;
let (input, _) = space0(input)?;
let (input, class) = parse_seobj(input)?;
let (input, _) = space0(input)?;
let (input, operation) = parse_single_word(input)?;
let (input, _) = space0(input)?;
let (input, perm_set) = parse_single_word(input)?;
Ok((
input,
XPerm::new(op, source, target, class, operation, perm_set),
))
}
}
impl<'a> SeObjectParser<'a> for TypeState<'a> {
fn parse(input: &'a str) -> IResult<&'a str, Self> {
let (input, op) = alt((tag("permissive"), tag("enforce"))).parse(input)?;
let (input, _) = space1(input)?;
let (input, stype) = parse_seobj_no_star(input)?;
Ok((input, TypeState::new(op, stype)))
}
}
impl<'a> SeObjectParser<'a> for Type<'a> {
fn parse(input: &'a str) -> IResult<&'a str, Self> {
let (input, _) = tag("type")(input)?;
let (input, _) = space1(input)?;
let (input, name) = parse_single_word(input)?;
if input.is_empty() {
return Ok((input, Type::new(name, vec!["domain"]))); // default to domain
}
let (input, _) = space1(input)?;
let (input, attrs) = parse_seobj_no_star(input)?;
Ok((input, Type::new(name, attrs)))
}
}
impl<'a> SeObjectParser<'a> for TypeAttr<'a> {
fn parse(input: &'a str) -> IResult<&'a str, Self> {
let (input, _) = alt((tag("typeattribute"), tag("attradd"))).parse(input)?;
let (input, _) = space1(input)?;
let (input, stype) = parse_seobj_no_star(input)?;
let (input, _) = space1(input)?;
let (input, attr) = parse_seobj_no_star(input)?;
Ok((input, TypeAttr::new(stype, attr)))
}
}
impl<'a> SeObjectParser<'a> for Attr<'a> {
fn parse(input: &'a str) -> IResult<&'a str, Self> {
let (input, _) = tag("attribute")(input)?;
let (input, _) = space1(input)?;
let (input, attr) = parse_single_word(input)?;
Ok((input, Attr::new(attr)))
}
}
impl<'a> SeObjectParser<'a> for TypeTransition<'a> {
fn parse(input: &'a str) -> IResult<&'a str, Self> {
let (input, _) = alt((tag("type_transition"), tag("name_transition"))).parse(input)?;
let (input, _) = space1(input)?;
let (input, source) = parse_single_word(input)?;
let (input, _) = space1(input)?;
let (input, target) = parse_single_word(input)?;
let (input, _) = space1(input)?;
let (input, class) = parse_single_word(input)?;
let (input, _) = space1(input)?;
let (input, default) = parse_single_word(input)?;
if input.is_empty() {
return Ok((
input,
TypeTransition::new(source, target, class, default, None),
));
}
let (input, _) = space1(input)?;
let (input, object) = parse_single_word(input)?;
Ok((
input,
TypeTransition::new(source, target, class, default, Some(object)),
))
}
}
impl<'a> SeObjectParser<'a> for TypeChange<'a> {
fn parse(input: &'a str) -> IResult<&'a str, Self> {
let (input, op) = alt((tag("type_change"), tag("type_member"))).parse(input)?;
let (input, _) = space1(input)?;
let (input, source) = parse_single_word(input)?;
let (input, _) = space1(input)?;
let (input, target) = parse_single_word(input)?;
let (input, _) = space1(input)?;
let (input, class) = parse_single_word(input)?;
let (input, _) = space1(input)?;
let (input, default) = parse_single_word(input)?;
Ok((input, TypeChange::new(op, source, target, class, default)))
}
}
impl<'a> SeObjectParser<'a> for GenFsCon<'a> {
fn parse(input: &'a str) -> IResult<&'a str, Self>
where
Self: Sized,
{
let (input, _) = tag("genfscon")(input)?;
let (input, _) = space1(input)?;
let (input, fs) = parse_single_word(input)?;
let (input, _) = space1(input)?;
let (input, path) = parse_single_word(input)?;
let (input, _) = space1(input)?;
let (input, context) = parse_single_word(input)?;
Ok((input, GenFsCon::new(fs, path, context)))
}
}
impl<'a> PolicyStatement<'a> {
fn parse(input: &'a str) -> IResult<&'a str, Self> {
let (input, _) = space0(input)?;
let (input, statement) = alt((
map(NormalPerm::parse, PolicyStatement::NormalPerm),
map(XPerm::parse, PolicyStatement::XPerm),
map(TypeState::parse, PolicyStatement::TypeState),
map(Type::parse, PolicyStatement::Type),
map(TypeAttr::parse, PolicyStatement::TypeAttr),
map(Attr::parse, PolicyStatement::Attr),
map(TypeTransition::parse, PolicyStatement::TypeTransition),
map(TypeChange::parse, PolicyStatement::TypeChange),
map(GenFsCon::parse, PolicyStatement::GenFsCon),
))
.parse(input)?;
let (input, _) = space0(input)?;
let (input, _) = take_while(|c| c == ';')(input)?;
let (input, _) = space0(input)?;
Ok((input, statement))
}
}
fn parse_sepolicy<'a, 'b>(input: &'b str, strict: bool) -> Result>>
where
'b: 'a,
{
let mut statements = vec![];
for line in input.split(['\n', ';']) {
let trimmed_line = line.trim();
if trimmed_line.is_empty() || trimmed_line.starts_with('#') {
continue;
}
if let Ok((_, statement)) = PolicyStatement::parse(trimmed_line) {
statements.push(statement);
} else if strict {
bail!("Failed to parse policy statement: {}", line)
}
}
Ok(statements)
}
const SEPOLICY_MAX_LEN: usize = 128;
const CMD_NORMAL_PERM: u32 = 1;
const CMD_XPERM: u32 = 2;
const CMD_TYPE_STATE: u32 = 3;
const CMD_TYPE: u32 = 4;
const CMD_TYPE_ATTR: u32 = 5;
const CMD_ATTR: u32 = 6;
const CMD_TYPE_TRANSITION: u32 = 7;
const CMD_TYPE_CHANGE: u32 = 8;
const CMD_GENFSCON: u32 = 9;
#[derive(Debug, Default)]
enum PolicyObject {
All, // for "*", stand for all objects, and is NULL in ffi
One([u8; SEPOLICY_MAX_LEN]),
#[default]
None,
}
impl TryFrom<&str> for PolicyObject {
type Error = anyhow::Error;
fn try_from(s: &str) -> Result {
anyhow::ensure!(s.len() <= SEPOLICY_MAX_LEN, "policy object too long");
if s == "*" {
return Ok(PolicyObject::All);
}
let mut buf = [0u8; SEPOLICY_MAX_LEN];
buf[..s.len()].copy_from_slice(s.as_bytes());
Ok(PolicyObject::One(buf))
}
}
/// atomic statement, such as: allow domain1 domain2:file1 read;
/// normal statement would be expanded to atomic statement, for example:
/// allow domain1 domain2:file1 { read write }; would be expanded to two atomic statement
/// allow domain1 domain2:file1 read;allow domain1 domain2:file1 write;
#[allow(clippy::too_many_arguments)]
#[derive(Debug, new)]
struct AtomicStatement {
cmd: u32,
subcmd: u32,
sepol1: PolicyObject,
sepol2: PolicyObject,
sepol3: PolicyObject,
sepol4: PolicyObject,
sepol5: PolicyObject,
sepol6: PolicyObject,
sepol7: PolicyObject,
}
impl<'a> TryFrom<&'a NormalPerm<'a>> for Vec {
type Error = anyhow::Error;
fn try_from(perm: &'a NormalPerm<'a>) -> Result {
let mut result = vec![];
let subcmd = match perm.op {
"allow" => 1,
"deny" => 2,
"auditallow" => 3,
"dontaudit" => 4,
_ => 0,
};
for &s in &perm.source {
for &t in &perm.target {
for &c in &perm.class {
for &p in &perm.perm {
result.push(AtomicStatement {
cmd: CMD_NORMAL_PERM,
subcmd,
sepol1: s.try_into()?,
sepol2: t.try_into()?,
sepol3: c.try_into()?,
sepol4: p.try_into()?,
sepol5: PolicyObject::None,
sepol6: PolicyObject::None,
sepol7: PolicyObject::None,
});
}
}
}
}
Ok(result)
}
}
impl<'a> TryFrom<&'a XPerm<'a>> for Vec {
type Error = anyhow::Error;
fn try_from(perm: &'a XPerm<'a>) -> Result {
let mut result = vec![];
let subcmd = match perm.op {
"allowxperm" => 1,
"auditallowxperm" => 2,
"dontauditxperm" => 3,
_ => 0,
};
for &s in &perm.source {
for &t in &perm.target {
for &c in &perm.class {
result.push(AtomicStatement {
cmd: CMD_XPERM,
subcmd,
sepol1: s.try_into()?,
sepol2: t.try_into()?,
sepol3: c.try_into()?,
sepol4: perm.operation.try_into()?,
sepol5: perm.perm_set.try_into()?,
sepol6: PolicyObject::None,
sepol7: PolicyObject::None,
});
}
}
}
Ok(result)
}
}
impl<'a> TryFrom<&'a TypeState<'a>> for Vec {
type Error = anyhow::Error;
fn try_from(perm: &'a TypeState<'a>) -> Result {
let mut result = vec![];
let subcmd = match perm.op {
"permissive" => 1,
"enforcing" => 2,
_ => 0,
};
for &t in &perm.stype {
result.push(AtomicStatement {
cmd: CMD_TYPE_STATE,
subcmd,
sepol1: t.try_into()?,
sepol2: PolicyObject::None,
sepol3: PolicyObject::None,
sepol4: PolicyObject::None,
sepol5: PolicyObject::None,
sepol6: PolicyObject::None,
sepol7: PolicyObject::None,
});
}
Ok(result)
}
}
impl<'a> TryFrom<&'a Type<'a>> for Vec {
type Error = anyhow::Error;
fn try_from(perm: &'a Type<'a>) -> Result {
let mut result = vec![];
for &attr in &perm.attrs {
result.push(AtomicStatement {
cmd: CMD_TYPE,
subcmd: 0,
sepol1: perm.name.try_into()?,
sepol2: attr.try_into()?,
sepol3: PolicyObject::None,
sepol4: PolicyObject::None,
sepol5: PolicyObject::None,
sepol6: PolicyObject::None,
sepol7: PolicyObject::None,
});
}
Ok(result)
}
}
impl<'a> TryFrom<&'a TypeAttr<'a>> for Vec {
type Error = anyhow::Error;
fn try_from(perm: &'a TypeAttr<'a>) -> Result {
let mut result = vec![];
for &t in &perm.stype {
for &attr in &perm.sattr {
result.push(AtomicStatement {
cmd: CMD_TYPE_ATTR,
subcmd: 0,
sepol1: t.try_into()?,
sepol2: attr.try_into()?,
sepol3: PolicyObject::None,
sepol4: PolicyObject::None,
sepol5: PolicyObject::None,
sepol6: PolicyObject::None,
sepol7: PolicyObject::None,
});
}
}
Ok(result)
}
}
impl<'a> TryFrom<&'a Attr<'a>> for Vec {
type Error = anyhow::Error;
fn try_from(perm: &'a Attr<'a>) -> Result {
let result = vec![AtomicStatement {
cmd: CMD_ATTR,
subcmd: 0,
sepol1: perm.name.try_into()?,
sepol2: PolicyObject::None,
sepol3: PolicyObject::None,
sepol4: PolicyObject::None,
sepol5: PolicyObject::None,
sepol6: PolicyObject::None,
sepol7: PolicyObject::None,
}];
Ok(result)
}
}
impl<'a> TryFrom<&'a TypeTransition<'a>> for Vec {
type Error = anyhow::Error;
fn try_from(perm: &'a TypeTransition<'a>) -> Result {
let mut result = vec![];
let obj = match perm.object_name {
Some(obj) => obj.try_into()?,
None => PolicyObject::None,
};
result.push(AtomicStatement {
cmd: CMD_TYPE_TRANSITION,
subcmd: 0,
sepol1: perm.source.try_into()?,
sepol2: perm.target.try_into()?,
sepol3: perm.class.try_into()?,
sepol4: perm.default_type.try_into()?,
sepol5: obj,
sepol6: PolicyObject::None,
sepol7: PolicyObject::None,
});
Ok(result)
}
}
impl<'a> TryFrom<&'a TypeChange<'a>> for Vec {
type Error = anyhow::Error;
fn try_from(perm: &'a TypeChange<'a>) -> Result {
let mut result = vec![];
let subcmd = match perm.op {
"type_change" => 1,
"type_member" => 2,
_ => 0,
};
result.push(AtomicStatement {
cmd: CMD_TYPE_CHANGE,
subcmd,
sepol1: perm.source.try_into()?,
sepol2: perm.target.try_into()?,
sepol3: perm.class.try_into()?,
sepol4: perm.default_type.try_into()?,
sepol5: PolicyObject::None,
sepol6: PolicyObject::None,
sepol7: PolicyObject::None,
});
Ok(result)
}
}
impl<'a> TryFrom<&'a GenFsCon<'a>> for Vec {
type Error = anyhow::Error;
fn try_from(perm: &'a GenFsCon<'a>) -> Result {
let result = vec![AtomicStatement {
cmd: CMD_GENFSCON,
subcmd: 0,
sepol1: perm.fs_name.try_into()?,
sepol2: perm.partial_path.try_into()?,
sepol3: perm.fs_context.try_into()?,
sepol4: PolicyObject::None,
sepol5: PolicyObject::None,
sepol6: PolicyObject::None,
sepol7: PolicyObject::None,
}];
Ok(result)
}
}
impl<'a> TryFrom<&'a PolicyStatement<'a>> for Vec {
type Error = anyhow::Error;
fn try_from(value: &'a PolicyStatement) -> Result {
match value {
PolicyStatement::NormalPerm(perm) => perm.try_into(),
PolicyStatement::XPerm(perm) => perm.try_into(),
PolicyStatement::TypeState(perm) => perm.try_into(),
PolicyStatement::Type(perm) => perm.try_into(),
PolicyStatement::TypeAttr(perm) => perm.try_into(),
PolicyStatement::Attr(perm) => perm.try_into(),
PolicyStatement::TypeTransition(perm) => perm.try_into(),
PolicyStatement::TypeChange(perm) => perm.try_into(),
PolicyStatement::GenFsCon(perm) => perm.try_into(),
}
}
}
////////////////////////////////////////////////////////////////
/// for C FFI to call kernel interface
///////////////////////////////////////////////////////////////
#[derive(Debug)]
#[repr(C)]
struct FfiPolicy {
cmd: u32,
subcmd: u32,
sepol1: *const ffi::c_char,
sepol2: *const ffi::c_char,
sepol3: *const ffi::c_char,
sepol4: *const ffi::c_char,
sepol5: *const ffi::c_char,
sepol6: *const ffi::c_char,
sepol7: *const ffi::c_char,
}
fn to_c_ptr(pol: &PolicyObject) -> *const ffi::c_char {
match pol {
PolicyObject::None | PolicyObject::All => std::ptr::null(),
PolicyObject::One(s) => s.as_ptr().cast::(),
}
}
impl From for FfiPolicy {
fn from(policy: AtomicStatement) -> FfiPolicy {
FfiPolicy {
cmd: policy.cmd,
subcmd: policy.subcmd,
sepol1: to_c_ptr(&policy.sepol1),
sepol2: to_c_ptr(&policy.sepol2),
sepol3: to_c_ptr(&policy.sepol3),
sepol4: to_c_ptr(&policy.sepol4),
sepol5: to_c_ptr(&policy.sepol5),
sepol6: to_c_ptr(&policy.sepol6),
sepol7: to_c_ptr(&policy.sepol7),
}
}
}
pub fn check_rule(policy: &str) -> Result<()> {
let path = Path::new(policy);
let policy = if path.exists() {
std::fs::read_to_string(path)?
} else {
policy.to_string()
};
parse_sepolicy(policy.trim(), true)?;
Ok(())
}
================================================
FILE: apd/src/supercall.rs
================================================
use std::{
ffi::{CStr, CString},
fmt::Write,
fs::File,
io::{self, Read},
process,
process::exit,
ptr,
sync::{Arc, Mutex},
};
use errno::errno;
use libc::{EINVAL, c_int, c_long, c_void, execv, fork, pid_t, setenv, syscall, uid_t, wait};
use log::{error, info, warn};
use crate::package::{read_ap_package_config, synchronize_package_uid};
const MAJOR: c_long = 0;
const MINOR: c_long = 11;
const PATCH: c_long = 1;
const KSTORAGE_EXCLUDE_LIST_GROUP: i32 = 1;
const __NR_SUPERCALL: c_long = 45;
const SUPERCALL_KLOG: c_long = 0x1004;
const SUPERCALL_KERNELPATCH_VER: c_long = 0x1008;
const SUPERCALL_KERNEL_VER: c_long = 0x1009;
const SUPERCALL_SU: c_long = 0x1010;
const SUPERCALL_KSTORAGE_WRITE: c_long = 0x1041;
const SUPERCALL_SU_GRANT_UID: c_long = 0x1100;
const SUPERCALL_SU_REVOKE_UID: c_long = 0x1101;
const SUPERCALL_SU_NUMS: c_long = 0x1102;
const SUPERCALL_SU_LIST: c_long = 0x1103;
const SUPERCALL_SU_RESET_PATH: c_long = 0x1111;
const SUPERCALL_SU_GET_SAFEMODE: c_long = 0x1112;
const SUPERCALL_SCONTEXT_LEN: usize = 0x60;
#[repr(C)]
struct SuProfile {
uid: i32,
to_uid: i32,
scontext: [u8; SUPERCALL_SCONTEXT_LEN],
}
fn ver_and_cmd(cmd: c_long) -> c_long {
let version_code: u32 = ((MAJOR << 16) + (MINOR << 8) + PATCH).try_into().unwrap();
((version_code as c_long) << 32) | (0x1158 << 16) | (cmd & 0xFFFF)
}
fn sc_su_revoke_uid(key: &CStr, uid: uid_t) -> c_long {
if key.to_bytes().is_empty() {
return (-EINVAL).into();
}
unsafe {
syscall(
__NR_SUPERCALL,
key.as_ptr(),
ver_and_cmd(SUPERCALL_SU_REVOKE_UID),
uid,
) as c_long
}
}
fn sc_su_grant_uid(key: &CStr, profile: &SuProfile) -> c_long {
if key.to_bytes().is_empty() {
return (-EINVAL).into();
}
unsafe {
syscall(
__NR_SUPERCALL,
key.as_ptr(),
ver_and_cmd(SUPERCALL_SU_GRANT_UID),
profile,
) as c_long
}
}
fn sc_kstorage_write(
key: &CStr,
gid: i32,
did: i64,
data: *mut c_void,
offset: i32,
dlen: i32,
) -> c_long {
if key.to_bytes().is_empty() {
return (-EINVAL).into();
}
unsafe {
syscall(
__NR_SUPERCALL,
key.as_ptr(),
ver_and_cmd(SUPERCALL_KSTORAGE_WRITE),
gid as c_long,
did as c_long,
data,
(((offset as i64) << 32) | (dlen as i64)) as c_long,
) as c_long
}
}
fn sc_set_ap_mod_exclude(key: &CStr, uid: i64, exclude: i32) -> c_long {
sc_kstorage_write(
key,
KSTORAGE_EXCLUDE_LIST_GROUP,
uid,
&exclude as *const i32 as *mut c_void,
0,
size_of::() as i32,
)
}
pub fn sc_su_get_safemode(key: &CStr) -> c_long {
if key.to_bytes().is_empty() {
warn!("[sc_su_get_safemode] null superkey, tell apd we are not in safemode!");
return 0;
}
let key_ptr = key.as_ptr();
if key_ptr.is_null() {
warn!("[sc_su_get_safemode] superkey pointer is null!");
return 0;
}
unsafe {
syscall(
__NR_SUPERCALL,
key_ptr,
ver_and_cmd(SUPERCALL_SU_GET_SAFEMODE),
) as c_long
}
}
fn sc_su(key: &CStr, profile: &SuProfile) -> c_long {
if key.to_bytes().is_empty() {
return (-EINVAL).into();
}
unsafe {
syscall(
__NR_SUPERCALL,
key.as_ptr(),
ver_and_cmd(SUPERCALL_SU),
profile,
) as c_long
}
}
fn sc_su_reset_path(key: &CStr, path: &CStr) -> c_long {
if key.to_bytes().is_empty() || path.to_bytes().is_empty() {
return (-EINVAL).into();
}
unsafe {
syscall(
__NR_SUPERCALL,
key.as_ptr(),
ver_and_cmd(SUPERCALL_SU_RESET_PATH),
path.as_ptr(),
) as c_long
}
}
fn sc_kp_ver(key: &CStr) -> Result {
if key.to_bytes().is_empty() {
return Err(-EINVAL);
}
let ret = unsafe {
syscall(
__NR_SUPERCALL,
key.as_ptr(),
ver_and_cmd(SUPERCALL_KERNELPATCH_VER),
)
};
Ok(ret as u32)
}
fn sc_k_ver(key: &CStr) -> Result {
if key.to_bytes().is_empty() {
return Err(-EINVAL);
}
let ret = unsafe {
syscall(
__NR_SUPERCALL,
key.as_ptr(),
ver_and_cmd(SUPERCALL_KERNEL_VER),
)
};
Ok(ret as u32)
}
fn sc_klog(key: &CStr, msg: &CStr) -> c_long {
if key.to_bytes().is_empty() || msg.to_bytes().is_empty() {
return (-EINVAL).into();
}
unsafe {
syscall(
__NR_SUPERCALL,
key.as_ptr(),
ver_and_cmd(SUPERCALL_KLOG),
msg.as_ptr(),
) as c_long
}
}
fn sc_su_uid_nums(key: &CStr) -> c_long {
if key.to_bytes().is_empty() {
return (-EINVAL).into();
}
unsafe { syscall(__NR_SUPERCALL, key.as_ptr(), ver_and_cmd(SUPERCALL_SU_NUMS)) as c_long }
}
fn sc_su_allow_uids(key: &CStr, buf: &mut [uid_t]) -> c_long {
if key.to_bytes().is_empty() {
return (-EINVAL).into();
}
if buf.is_empty() {
return (-EINVAL).into();
}
unsafe {
syscall(
__NR_SUPERCALL,
key.as_ptr(),
ver_and_cmd(SUPERCALL_SU_LIST),
buf.as_mut_ptr(),
buf.len() as i32,
) as c_long
}
}
fn read_file_to_string(path: &str) -> io::Result {
let mut file = File::open(path)?;
let mut content = String::new();
file.read_to_string(&mut content)?;
Ok(content)
}
fn convert_string_to_u8_array(s: &str) -> [u8; SUPERCALL_SCONTEXT_LEN] {
let mut u8_array = [0u8; SUPERCALL_SCONTEXT_LEN];
let bytes = s.as_bytes();
let len = usize::min(SUPERCALL_SCONTEXT_LEN, bytes.len());
u8_array[..len].copy_from_slice(&bytes[..len]);
u8_array
}
fn convert_superkey(s: &Option) -> Option {
s.as_ref().and_then(|s| CString::new(s.clone()).ok())
}
pub fn refresh_ap_package_list(skey: &CStr, mutex: &Arc>) {
let _lock = mutex.lock().unwrap();
let num = sc_su_uid_nums(skey);
if num < 0 {
error!("[refresh_su_list] Error getting number of UIDs: {}", num);
return;
}
let num = num as usize;
let mut uids = vec![0 as uid_t; num];
let n = sc_su_allow_uids(skey, &mut uids);
if n < 0 {
error!("[refresh_su_list] Error getting su list");
return;
}
for uid in &uids {
if *uid == 0 || *uid == 2000 {
warn!(
"[refresh_ap_package_list] Skip revoking critical uid: {}",
uid
);
continue;
}
info!(
"[refresh_ap_package_list] Revoking {} root permission...",
uid
);
let rc = sc_su_revoke_uid(skey, *uid);
if rc != 0 {
error!("[refresh_ap_package_list] Error revoking UID: {}", rc);
}
}
if let Err(e) = synchronize_package_uid() {
error!("Failed to synchronize package UIDs: {}", e);
}
let package_configs = read_ap_package_config();
for config in package_configs {
if config.allow == 1 && config.exclude == 0 {
let profile = SuProfile {
uid: config.uid,
to_uid: config.to_uid,
scontext: convert_string_to_u8_array(&config.sctx),
};
let result = sc_su_grant_uid(skey, &profile);
info!(
"[refresh_ap_package_list] Loading {}: result = {}",
config.pkg, result
);
}
if config.allow == 0 && config.exclude == 1 {
let result = sc_set_ap_mod_exclude(skey, config.uid as i64, 1);
info!(
"[refresh_ap_package_list] Loading exclude {}: result = {}",
config.pkg, result
);
}
}
}
pub fn privilege_apd_profile(superkey: &Option) {
let key = convert_superkey(superkey);
let all_allow_ctx = "u:r:magisk:s0";
let profile = SuProfile {
uid: process::id().try_into().expect("PID conversion failed"),
to_uid: 0,
scontext: convert_string_to_u8_array(all_allow_ctx),
};
if let Some(ref key) = key {
let result = sc_su(key, &profile);
info!("[privilege_apd_profile] result = {}", result);
}
}
pub fn init_load_package_uid_config(superkey: &Option) {
let package_configs = read_ap_package_config();
let key = convert_superkey(superkey);
for config in package_configs {
if config.allow == 1 && config.exclude == 0 {
match key {
Some(ref key) => {
let profile = SuProfile {
uid: config.uid,
to_uid: config.to_uid,
scontext: convert_string_to_u8_array(&config.sctx),
};
let result = sc_su_grant_uid(key, &profile);
info!("Processed {}: result = {}", config.pkg, result);
}
_ => {
warn!("Superkey is None, skipping config: {}", config.pkg);
}
}
}
if config.allow == 0 && config.exclude == 1 {
match key {
Some(ref key) => {
let result = sc_set_ap_mod_exclude(key, config.uid as i64, 1);
info!("Processed exclude {}: result = {}", config.pkg, result);
}
_ => {
warn!("Superkey is None, skipping config: {}", config.pkg);
}
}
}
}
}
pub fn init_load_su_path(superkey: &Option) {
let su_path_file = "/data/adb/ap/su_path";
match read_file_to_string(su_path_file) {
Ok(su_path) => {
let superkey_cstr = convert_superkey(superkey);
match superkey_cstr {
Some(superkey_cstr) => match CString::new(su_path.trim()) {
Ok(su_path_cstr) => {
let result = sc_su_reset_path(&superkey_cstr, &su_path_cstr);
if result == 0 {
info!("suPath load successfully");
} else {
warn!("Failed to load su path, error code: {}", result);
}
}
Err(e) => {
warn!("Failed to convert su_path: {}", e);
}
},
_ => {
warn!("Superkey is None, skipping...");
}
}
}
Err(e) => {
warn!("Failed to read su_path file: {}", e);
}
}
}
fn set_env_var(key: &str, value: &str) {
let key_c = CString::new(key).expect("CString::new failed");
let value_c = CString::new(value).expect("CString::new failed");
unsafe {
setenv(key_c.as_ptr(), value_c.as_ptr(), 1);
}
}
fn log_kernel(key: &CStr, _fmt: &str, args: std::fmt::Arguments) -> c_long {
let mut buf = String::with_capacity(1024);
write!(&mut buf, "{}", args).expect("Error formatting string");
let c_buf = CString::new(buf).expect("CString::new failed");
sc_klog(key, &c_buf)
}
#[macro_export]
macro_rules! log_kernel {
($key:expr_2021, $fmt:expr_2021, $($arg:tt)*) => (
log_kernel($key, $fmt, std::format_args!($fmt, $($arg)*))
)
}
pub fn fork_for_result(exec: &str, argv: &[&str], key: &Option) {
let mut cmd = String::new();
for arg in argv {
cmd.push_str(arg);
cmd.push(' ');
}
let superkey_cstr = convert_superkey(key);
match superkey_cstr {
Some(superkey_cstr) => {
unsafe {
let pid: pid_t = fork();
if pid < 0 {
log_kernel!(
&superkey_cstr,
"{} fork {} error: {}\n",
libc::getpid(),
exec,
-1
);
} else if pid == 0 {
set_env_var("KERNELPATCH", "true");
let kpver = format!("{:x}", sc_kp_ver(&superkey_cstr).unwrap_or(0));
set_env_var("KERNELPATCH_VERSION", kpver.as_str());
let kver = format!("{:x}", sc_k_ver(&superkey_cstr).unwrap_or(0));
set_env_var("KERNEL_VERSION", kver.as_str());
let c_exec = CString::new(exec).expect("CString::new failed");
let c_argv: Vec =
argv.iter().map(|&arg| CString::new(arg).unwrap()).collect();
let mut c_argv_ptrs: Vec<*const libc::c_char> =
c_argv.iter().map(|arg| arg.as_ptr()).collect();
c_argv_ptrs.push(ptr::null());
execv(c_exec.as_ptr(), c_argv_ptrs.as_ptr());
log_kernel!(
&superkey_cstr,
"{} exec {} error: {}\n",
libc::getpid(),
cmd,
CStr::from_ptr(libc::strerror(errno().0))
.to_string_lossy()
.into_owned()
);
exit(1); // execv only returns on error
} else {
let mut status: c_int = 0;
wait(&mut status);
log_kernel!(
&superkey_cstr,
"{} wait {} status: 0x{}\n",
libc::getpid(),
cmd,
status
);
}
}
}
_ => {
warn!("[fork_for_result] SuperKey convert failed!");
}
}
}
================================================
FILE: apd/src/utils.rs
================================================
#[allow(unused_imports)]
use std::fs::{Permissions, set_permissions};
#[cfg(unix)]
use std::os::unix::prelude::PermissionsExt;
use std::{
ffi::CString,
fs::{File, OpenOptions, create_dir_all, metadata},
io::{ErrorKind::AlreadyExists, Write},
path::Path,
process::{Command, Stdio},
};
use anyhow::{Context, Error, Ok, Result, bail};
use log::{info, warn};
use crate::{defs, supercall::sc_su_get_safemode};
pub fn ensure_file_exists>(file: T) -> Result<()> {
match File::options().write(true).create_new(true).open(&file) {
Result::Ok(_) => Ok(()),
Err(err) => {
if err.kind() == AlreadyExists && file.as_ref().is_file() {
Ok(())
} else {
Err(Error::from(err))
.with_context(|| format!("{} is not a regular file", file.as_ref().display()))
}
}
}
}
pub fn ensure_dir_exists>(dir: T) -> Result<()> {
let result = create_dir_all(&dir).map_err(Error::from);
if dir.as_ref().is_dir() {
result
} else if result.is_ok() {
bail!("{} is not a regular directory", dir.as_ref().display())
} else {
result
}
}
// todo: ensure
pub fn ensure_binary>(path: T) -> Result<()> {
set_permissions(&path, Permissions::from_mode(0o755))?;
Ok(())
}
#[cfg(any(target_os = "linux", target_os = "android"))]
pub fn getprop(prop: &str) -> Option {
android_properties::getprop(prop).value()
}
#[cfg(not(any(target_os = "linux", target_os = "android")))]
pub fn getprop(_prop: &str) -> Option {
unimplemented!()
}
pub fn run_command(
command: &str,
args: &[&str],
stdout: Option,
) -> Result {
let mut command_builder = Command::new(command);
command_builder.args(args);
if let Some(out) = stdout {
command_builder.stdout(out);
}
let child = command_builder.spawn()?;
Ok(child)
}
pub fn is_safe_mode(superkey: Option) -> bool {
let safemode = getprop("persist.sys.safemode")
.filter(|prop| prop == "1")
.is_some()
|| getprop("ro.sys.safemode")
.filter(|prop| prop == "1")
.is_some();
info!("safemode: {}", safemode);
if safemode {
return true;
}
let safemode = superkey
.as_ref()
.and_then(|key_str| CString::new(key_str.as_str()).ok())
.map_or_else(
|| {
warn!("[is_safe_mode] No valid superkey provided, assuming safemode as false.");
false
},
|cstr| sc_su_get_safemode(&cstr) == 1,
);
info!("kernel_safemode: {}", safemode);
safemode
}
#[cfg(any(target_os = "linux", target_os = "android"))]
pub fn switch_mnt_ns(pid: i32) -> Result<()> {
use std::os::fd::AsRawFd;
use anyhow::ensure;
let path = format!("/proc/{pid}/ns/mnt");
let fd = File::open(path)?;
let current_dir = std::env::current_dir();
let ret = unsafe { libc::setns(fd.as_raw_fd(), libc::CLONE_NEWNS) };
if let Result::Ok(current_dir) = current_dir {
let _ = std::env::set_current_dir(current_dir);
}
ensure!(ret == 0, "switch mnt ns failed");
Ok(())
}
fn switch_cgroup(grp: &str, pid: u32) {
let path = Path::new(grp).join("cgroup.procs");
if !path.exists() {
return;
}
let fp = OpenOptions::new().append(true).open(path);
if let Result::Ok(mut fp) = fp {
let _ = write!(fp, "{pid}");
}
}
pub fn switch_cgroups() {
let pid = std::process::id();
switch_cgroup("/acct", pid);
switch_cgroup("/dev/cg2_bpf", pid);
switch_cgroup("/sys/fs/cgroup", pid);
if getprop("ro.config.per_app_memcg")
.filter(|prop| prop == "false")
.is_none()
{
switch_cgroup("/dev/memcg/apps", pid);
}
}
#[cfg(any(target_os = "linux", target_os = "android"))]
pub fn umask(mask: u32) {
unsafe { libc::umask(mask) };
}
#[cfg(not(any(target_os = "linux", target_os = "android")))]
pub fn umask(_mask: u32) {
unimplemented!("umask is not supported on this platform")
}
pub fn has_magisk() -> bool {
which::which("magisk").is_ok()
}
pub fn get_tmp_path() -> &'static str {
if metadata(defs::TEMP_DIR_LEGACY).is_ok() {
return defs::TEMP_DIR_LEGACY;
}
if metadata(defs::TEMP_DIR).is_ok() {
return defs::TEMP_DIR;
}
""
}
================================================
FILE: app/.gitignore
================================================
/build
/release/
================================================
FILE: app/build.gradle.kts
================================================
@file:Suppress("UnstableApiUsage")
import com.android.build.gradle.tasks.PackageAndroidArtifact
import org.jetbrains.kotlin.gradle.dsl.JvmTarget
import java.net.URI
plugins {
alias(libs.plugins.agp.app)
alias(libs.plugins.kotlin.compose.compiler)
alias(libs.plugins.ksp)
alias(libs.plugins.lsplugin.apksign)
alias(libs.plugins.lsplugin.resopt)
id("kotlin-parcelize")
}
val androidCompileSdkVersion: Int by rootProject.extra
val androidCompileNdkVersion: String by rootProject.extra
val androidBuildToolsVersion: String by rootProject.extra
val androidMinSdkVersion: Int by rootProject.extra
val androidTargetSdkVersion: Int by rootProject.extra
val androidSourceCompatibility: JavaVersion by rootProject.extra
val androidTargetCompatibility: JavaVersion by rootProject.extra
val managerVersionCode: Int by rootProject.extra
val managerVersionName: String by rootProject.extra
val branchName: String by rootProject.extra
val kernelPatchVersion: String by rootProject.extra
apksign {
storeFileProperty = "KEYSTORE_FILE"
storePasswordProperty = "KEYSTORE_PASSWORD"
keyAliasProperty = "KEY_ALIAS"
keyPasswordProperty = "KEY_PASSWORD"
}
val ccache = System.getenv("PATH")?.split(File.pathSeparator)
?.map { File(it, "ccache") }?.firstOrNull { it.exists() }?.absolutePath
val baseFlags = listOf(
"-Wall", "-Qunused-arguments", "-fno-rtti", "-fvisibility=hidden",
"-fvisibility-inlines-hidden", "-fno-exceptions", "-fno-stack-protector",
"-fomit-frame-pointer", "-Wno-builtin-macro-redefined", "-Wno-unused-value",
"-D__FILE__=__FILE_NAME__",
"-DANDROID_SUPPORT_FLEXIBLE_PAGE_SIZES=ON", "-Wno-unused", "-Wno-unused-parameter",
"-Wno-unused-command-line-argument", "-Wno-incompatible-function-pointer-types",
"-U_FORTIFY_SOURCE", "-D_FORTIFY_SOURCE=0"
)
val baseArgs = mutableListOf(
"-DANDROID_STL=none", "-DANDROID_SUPPORT_FLEXIBLE_PAGE_SIZES=ON",
"-DCMAKE_CXX_STANDARD=23", "-DCMAKE_C_STANDARD=23",
"-DCMAKE_INTERPROCEDURAL_OPTIMIZATION=ON", "-DCMAKE_VISIBILITY_INLINES_HIDDEN=ON",
"-DCMAKE_CXX_VISIBILITY_PRESET=hidden", "-DCMAKE_C_VISIBILITY_PRESET=hidden"
).apply { if (ccache != null) add("-DANDROID_CCACHE=$ccache") }
android {
namespace = "me.bmax.apatch"
buildTypes {
debug {
isDebuggable = true
isMinifyEnabled = false
isShrinkResources = false
proguardFiles(
getDefaultProguardFile("proguard-android-optimize.txt"),
"proguard-rules.pro"
)
externalNativeBuild {
cmake {
arguments += listOf("-DCMAKE_CXX_FLAGS_DEBUG=-Og", "-DCMAKE_C_FLAGS_DEBUG=-Og")
}
}
}
release {
isMinifyEnabled = true
isShrinkResources = true
isDebuggable = false
multiDexEnabled = true
vcsInfo.include = false
proguardFiles(
getDefaultProguardFile("proguard-android-optimize.txt"),
"proguard-rules.pro"
)
externalNativeBuild {
cmake {
val relFlags = listOf(
"-flto", "-ffunction-sections", "-fdata-sections", "-Wl,--gc-sections",
"-fno-unwind-tables", "-fno-asynchronous-unwind-tables", "-Wl,--exclude-libs,ALL",
"-Ofast", "-fmerge-all-constants", "-flto=full", "-ffat-lto-objects",
"-fno-semantic-interposition", "-fno-threadsafe-statics"
)
cppFlags += relFlags
cFlags += relFlags
arguments += listOf("-DCMAKE_BUILD_TYPE=Release", "-DCMAKE_CXX_FLAGS_RELEASE=-O3 -DNDEBUG", "-DCMAKE_C_FLAGS_RELEASE=-O3 -DNDEBUG")
}
}
}
}
dependenciesInfo.includeInApk = false
buildFeatures {
aidl = true
buildConfig = true
compose = true
prefab = true
}
defaultConfig {
minSdk = androidMinSdkVersion
targetSdk = androidTargetSdkVersion
versionCode = managerVersionCode
versionName = managerVersionName
ndk.abiFilters.addAll(arrayOf("arm64-v8a"))
externalNativeBuild {
cmake {
cppFlags += baseFlags + "-std=c++2b"
cFlags += baseFlags + "-std=c2x"
arguments += baseArgs
abiFilters("arm64-v8a")
}
}
buildConfigField("String", "buildKPV", "\"$kernelPatchVersion\"")
base.archivesName = "APatch_${managerVersionCode}_${managerVersionName}_${branchName}"
}
compileOptions {
sourceCompatibility = JavaVersion.VERSION_21
targetCompatibility = JavaVersion.VERSION_21
}
packaging {
jniLibs {
useLegacyPackaging = true
}
resources {
excludes += "**"
merges += "META-INF/com/google/android/**"
}
}
externalNativeBuild {
cmake {
version = "3.28.0+"
path("src/main/cpp/CMakeLists.txt")
}
}
androidResources {
generateLocaleConfig = true
}
compileSdk = androidCompileSdkVersion
ndkVersion = androidCompileNdkVersion
buildToolsVersion = androidBuildToolsVersion
lint {
abortOnError = false
checkReleaseBuilds = false
}
android.sourceSets.named("main") {
kotlin.directories += "build/generated/ksp/$name/kotlin"
jniLibs.directories += "libs"
}
}
// https://stackoverflow.com/a/77745844
tasks.withType {
doFirst { appMetadata.asFile.orNull?.writeText("") }
}
java {
toolchain {
languageVersion = JavaLanguageVersion.of(21)
}
}
kotlin {
jvmToolchain(21)
compilerOptions {
jvmTarget = JvmTarget.JVM_21
}
}
fun registerDownloadTask(
taskName: String, srcUrl: String, destPath: String, project: Project
) {
project.tasks.register(taskName) {
val destFile = File(destPath)
doLast {
if (!destFile.exists() || isFileUpdated(srcUrl, destFile)) {
println(" - Downloading $srcUrl to ${destFile.absolutePath}")
downloadFile(srcUrl, destFile)
println(" - Download completed.")
} else {
println(" - File is up-to-date, skipping download.")
}
}
}
}
fun isFileUpdated(url: String, localFile: File): Boolean {
val connection = URI.create(url).toURL().openConnection()
val remoteLastModified = connection.getHeaderFieldDate("Last-Modified", 0L)
return remoteLastModified > localFile.lastModified()
}
fun downloadFile(url: String, destFile: File) {
URI.create(url).toURL().openStream().use { input ->
destFile.outputStream().use { output ->
input.copyTo(output)
}
}
}
registerDownloadTask(
taskName = "downloadKpimg",
srcUrl = "https://github.com/bmax121/KernelPatch/releases/download/$kernelPatchVersion/kpimg-android",
destPath = "${project.projectDir}/src/main/assets/kpimg",
project = project
)
registerDownloadTask(
taskName = "downloadKptools",
srcUrl = "https://github.com/bmax121/KernelPatch/releases/download/$kernelPatchVersion/kptools-android",
destPath = "${project.projectDir}/libs/arm64-v8a/libkptools.so",
project = project
)
// Compat kp version less than 0.10.7
// TODO: Remove in future
registerDownloadTask(
taskName = "downloadCompatKpatch",
srcUrl = "https://github.com/bmax121/KernelPatch/releases/download/0.10.7/kpatch-android",
destPath = "${project.projectDir}/libs/arm64-v8a/libkpatch.so",
project = project
)
tasks.register("mergeScripts") {
into("${project.projectDir}/src/main/resources/META-INF/com/google/android")
from(rootProject.file("${project.rootDir}/scripts/update_binary.sh")) {
rename { "update-binary" }
}
from(rootProject.file("${project.rootDir}/scripts/update_script.sh")) {
rename { "updater-script" }
}
}
tasks.getByName("preBuild").dependsOn(
"downloadKpimg",
"downloadKptools",
"downloadCompatKpatch",
"mergeScripts",
)
// https://github.com/bbqsrc/cargo-ndk
// cargo ndk -t arm64-v8a build --release
tasks.register("cargoBuild") {
executable("cargo")
args("ndk", "-t", "arm64-v8a", "build", "--release")
workingDir("${project.rootDir}/apd")
}
tasks.register("buildApd") {
dependsOn("cargoBuild")
from("${project.rootDir}/apd/target/aarch64-linux-android/release/apd")
into("${project.projectDir}/libs/arm64-v8a")
rename("apd", "libapd.so")
}
tasks.configureEach {
if (name == "mergeDebugJniLibFolders" || name == "mergeReleaseJniLibFolders") {
dependsOn("buildApd")
}
}
tasks.register("cargoClean") {
executable("cargo")
args("clean")
workingDir("${project.rootDir}/apd")
}
tasks.register("apdClean") {
dependsOn("cargoClean")
delete(file("${project.projectDir}/libs/arm64-v8a/libapd.so"))
}
tasks.clean {
dependsOn("apdClean")
}
ksp {
arg("compose-destinations.defaultTransitions", "none")
}
dependencies {
implementation(libs.androidx.appcompat)
implementation(libs.androidx.activity.compose)
implementation(libs.androidx.core.splashscreen)
implementation(libs.androidx.webkit)
implementation(platform(libs.androidx.compose.bom))
implementation(libs.androidx.compose.material.icons.extended)
implementation(libs.androidx.compose.material3)
implementation(libs.androidx.compose.ui)
implementation(libs.androidx.compose.ui.tooling.preview)
implementation(libs.androidx.compose.runtime.livedata)
debugImplementation(libs.androidx.compose.ui.test.manifest)
debugImplementation(libs.androidx.compose.ui.tooling)
implementation(libs.androidx.lifecycle.runtime.compose)
implementation(libs.androidx.lifecycle.runtime.ktx)
implementation(libs.androidx.lifecycle.viewmodel.compose)
implementation(libs.compose.destinations.core)
ksp(libs.compose.destinations.ksp)
implementation(libs.com.github.topjohnwu.libsu.core)
implementation(libs.com.github.topjohnwu.libsu.service)
implementation(libs.com.github.topjohnwu.libsu.nio)
implementation(libs.com.github.topjohnwu.libsu.io)
implementation(libs.dev.rikka.rikkax.parcelablelist)
implementation(libs.io.coil.kt.coil.compose)
implementation(libs.kotlinx.coroutines.core)
implementation(libs.me.zhanghai.android.appiconloader.coil)
implementation(libs.sheet.compose.dialogs.core)
implementation(libs.sheet.compose.dialogs.list)
implementation(libs.sheet.compose.dialogs.input)
implementation(libs.markdown)
implementation(libs.ini4j)
compileOnly(libs.cxx)
}
================================================
FILE: app/libs/arm64-v8a/.gitignore
================================================
libkptools.so
libapjni.so
libkpatch.so
libapd.so
================================================
FILE: app/proguard-rules.pro
================================================
-dontwarn org.bouncycastle.jsse.BCSSLParameters
-dontwarn org.bouncycastle.jsse.BCSSLSocket
-dontwarn org.bouncycastle.jsse.provider.BouncyCastleJsseProvider
-dontwarn org.conscrypt.Conscrypt$Version
-dontwarn org.conscrypt.Conscrypt
-dontwarn org.conscrypt.ConscryptHostnameVerifier
-dontwarn org.openjsse.javax.net.ssl.SSLParameters
-dontwarn org.openjsse.javax.net.ssl.SSLSocket
-dontwarn org.openjsse.net.ssl.OpenJSSE
-dontwarn java.beans.Introspector
-dontwarn java.beans.VetoableChangeListener
-dontwarn java.beans.VetoableChangeSupport
-dontwarn java.beans.BeanInfo
-dontwarn java.beans.IntrospectionException
-dontwarn java.beans.PropertyDescriptor
# Keep ini4j Service Provider Interface
-keep,allowobfuscation,allowoptimization class org.ini4j.spi.** { *; }
# Kotlin
-assumenosideeffects class kotlin.jvm.internal.Intrinsics {
public static void check*(...);
public static void throw*(...);
}
-repackageclasses
-allowaccessmodification
-overloadaggressively
-renamesourcefileattribute SourceFile
================================================
FILE: app/src/main/AndroidManifest.xml
================================================
================================================
FILE: app/src/main/aidl/me/bmax/apatch/IAPRootService.aidl
================================================
// IAPRootService.aidl
package me.bmax.apatch;
import android.content.pm.PackageInfo;
import rikka.parcelablelist.ParcelableListSlice;
interface IAPRootService {
ParcelableListSlice getPackages(int flags);
}
================================================
FILE: app/src/main/assets/.gitignore
================================================
kpimg
*.kpm
================================================
FILE: app/src/main/assets/InstallAP.sh
================================================
#!/bin/sh
# By SakuraKyuo
OUTFD=/proc/self/fd/$2
function ui_print() {
echo -e "ui_print $1\nui_print" >> $OUTFD
}
function ui_printfile() {
while IFS='' read -r line || $BB [[ -n "$line" ]]; do
ui_print "$line";
done < $1;
}
function kernelFlagsErr(){
ui_print "- Installation has Aborted!"
ui_print "- APatch requires CONFIG_KALLSYMS to be Enabled."
ui_print "- But your kernel seems NOT enabled it."
exit
}
function apatchNote(){
ui_print "- APatch Patch Done"
ui_print "- APatch Key is: Ap$skey"
ui_print "- We do have saved Origin Boot image to /data"
ui_print "- If you encounter bootloop, reboot into Recovery and flash it"
exit
}
function failed(){
ui_printfile /dev/tmp/install/log
ui_print "- APatch Patch Failed."
ui_print "- Please feedback to the developer with the screenshots."
exit
}
function boot_execute_ab(){
./lib/arm64-v8a/libkptools.so unpack boot.img
if [[ ! $(./lib/arm64-v8a/libkptools.so -i ./kernel -f | grep CONFIG_KALLSYMS=y) ]]; then
kernelFlagsErr
fi
mv kernel kernel-origin
./lib/arm64-v8a/libkptools.so -p --image kernel-origin --skey "Ap$skey" --kpimg ./assets/kpimg --out ./kernel 2>&1 | tee /dev/tmp/install/log
if [[ ! $(cat /dev/tmp/install/log | grep "patch done") ]]; then
failed
fi
ui_printfile /dev/tmp/install/log
./lib/arm64-v8a/libkptools.so repack boot.img
dd if=/dev/tmp/install/new-boot.img of=/dev/block/by-name/boot$slot
mv boot.img /data/boot.img
apatchNote
}
function boot_execute(){
./lib/arm64-v8a/libkptools.so unpack boot.img
if [[ ! $(./lib/arm64-v8a/libkptools.so -i ./kernel -f | grep CONFIG_KALLSYMS=y) ]]; then
kernelFlagsErr
fi
mv kernel kernel-origin
./lib/arm64-v8a/libkptools.so -p --image kernel-origin --skey "Ap$skey" --kpimg ./assets/kpimg --out ./kernel 2>&1 | tee /dev/tmp/install/log
if [[ ! $(cat /dev/tmp/install/log | grep "patch done") ]]; then
failed
fi
ui_printfile /dev/tmp/install/log
./lib/arm64-v8a/libkptools.so repack boot.img
dd if=/dev/tmp/install/new-boot.img of=/dev/block/by-name/boot$slot
mv boot.img /data/boot.img
apatchNote
}
function main(){
cd /dev/tmp/install
chmod a+x ./assets/kpimg
chmod a+x ./lib/arm64-v8a/libkptools.so
slot=$(getprop ro.boot.slot_suffix)
skey=$(cat /proc/sys/kernel/random/uuid | cut -d \- -f1)
if [[ ! "$slot" == "" ]]; then
ui_print ""
ui_print "- You are using A/B device."
# Script author
ui_print "- Install Script by SakuraKyuo"
# Get kernel
ui_print ""
dd if=/dev/block/by-name/boot$slot of=/dev/tmp/install/boot.img
if [[ "$?" == 0 ]]; then
ui_print "- Detected boot partition."
boot_execute_ab
fi
else
ui_print "You are using A Only device."
# Get kernel
ui_print ""
dd if=/dev/block/by-name/boot of=/dev/tmp/install/boot.img
if [[ "$?" == 0 ]]; then
ui_print "- Detected boot partition."
boot_execute
fi
fi
}
main
================================================
FILE: app/src/main/assets/UninstallAP.sh
================================================
#!/bin/sh
# By SakuraKyuo
OUTFD=/proc/self/fd/$2
function ui_print() {
echo -e "ui_print $1\nui_print" >> $OUTFD
}
function ui_printfile() {
while IFS='' read -r line || $BB [[ -n "$line" ]]; do
ui_print "$line";
done < $1;
}
function apatchNote(){
ui_print "- APatch Unpatch Done"
exit
}
function failed(){
ui_print "- APatch Unpatch Failed."
ui_print "- Please feedback to the developer with the screenshots."
exit
}
function boot_execute_ab(){
./lib/arm64-v8a/libkptools.so unpack boot.img
mv kernel kernel-origin
./lib/arm64-v8a/libkptools.so -u --image kernel-origin --out ./kernel
if [[ ! "$?" == 0 ]]; then
failed
fi
./lib/arm64-v8a/libkptools.so repack boot.img
dd if=/dev/tmp/install/new-boot.img of=/dev/block/by-name/boot$slot
apatchNote
}
function boot_execute(){
./lib/arm64-v8a/libkptools.so unpack boot.img
mv kernel kernel-origin
./lib/arm64-v8a/libkptools.so -u --image kernel-origin --out ./kernel
if [[ ! "$?" == 0 ]]; then
failed
fi
./lib/arm64-v8a/libkptools.so repack boot.img
dd if=/dev/tmp/install/new-boot.img of=/dev/block/by-name/boot
apatchNote
}
function main(){
cd /dev/tmp/install
chmod a+x ./lib/arm64-v8a/libkptools.so
slot=$(getprop ro.boot.slot_suffix)
if [[ ! "$slot" == "" ]]; then
ui_print ""
ui_print "- You are using A/B device."
# Get kernel
ui_print ""
dd if=/dev/block/by-name/boot$slot of=/dev/tmp/install/boot.img
if [[ "$?" == 0 ]]; then
ui_print "- Detected boot partition."
boot_execute_ab
fi
else
ui_print "You are using A Only device."
# Get kernel
ui_print ""
dd if=/dev/block/by-name/boot of=/dev/tmp/install/boot.img
if [[ "$?" == 0 ]]; then
ui_print "- Detected boot partition."
boot_execute
fi
fi
}
main
================================================
FILE: app/src/main/assets/boot_extract.sh
================================================
#!/system/bin/sh
ARCH=$(getprop ro.product.cpu.abi)
IS_INSTALL_NEXT_SLOT=$1
# Load utility functions
. ./util_functions.sh
if [ "$IS_INSTALL_NEXT_SLOT" = "true" ]; then
get_next_slot
else
get_current_slot
fi
find_boot_image
[ -e "$BOOTIMAGE" ] || { >&2 echo "- can't find boot.img!"; exit 1; }
true
================================================
FILE: app/src/main/assets/boot_patch.sh
================================================
#!/system/bin/sh
#######################################################################################
# APatch Boot Image Patcher
#######################################################################################
#
# Usage: boot_patch.sh [ARGS_PASS_TO_KPTOOLS]
#
# This script should be placed in a directory with the following files:
#
# File name Type Description
#
# boot_patch.sh script A script to patch boot image for APatch.
# (this file) The script will use files in its same
# directory to complete the patching process.
# bootimg binary The target boot image
# kpimg binary KernelPatch core Image
# kptools executable The KernelPatch tools binary to inject kpimg to kernel Image
#
#######################################################################################
ARCH=$(getprop ro.product.cpu.abi)
# Load utility functions
. ./util_functions.sh
echo "****************************"
echo " APatch Boot Image Patcher"
echo "****************************"
SUPERKEY="$1"
BOOTIMAGE=$2
FLASH_TO_DEVICE=$3
shift 2
[ -z "$SUPERKEY" ] && { >&2 echo "- SuperKey empty!"; exit 1; }
[ -e "$BOOTIMAGE" ] || { >&2 echo "- $BOOTIMAGE does not exist!"; exit 1; }
# Check for dependencies
command -v ./kptools >/dev/null 2>&1 || { >&2 echo "- Command kptools not found!"; exit 1; }
if [ ! -f kernel ]; then
echo "- Unpacking boot image"
set -x
./kptools unpack "$BOOTIMAGE" "$@"
patch_rc=$?
set +x
if [ $patch_rc -ne 0 ]; then
>&2 echo "- Unpack error: $patch_rc"
exit $?
fi
fi
if [ ! $(./kptools -i kernel -f | grep CONFIG_KALLSYMS=y) ]; then
echo "- Patcher has Aborted!"
echo "- APatch requires CONFIG_KALLSYMS to be Enabled."
echo "- But your kernel seems NOT enabled it."
exit 0
fi
if [ $(./kptools -i kernel -l | grep patched=false) ]; then
echo "- Backing boot.img "
cp "$BOOTIMAGE" "ori.img" >/dev/null 2>&1
fi
mv kernel kernel.ori
echo "- Patching kernel"
set -x
./kptools -p -i kernel.ori -S "$SUPERKEY" -k kpimg -o kernel "$@"
patch_rc=$?
set +x
if [ $patch_rc -ne 0 ]; then
>&2 echo "- Patch kernel error: $patch_rc"
exit $?
fi
echo "- Repacking boot image"
./kptools repack "$BOOTIMAGE"
if [ ! $(./kptools -i kernel.ori -f | grep CONFIG_KALLSYMS_ALL=y) ]; then
echo "- Detected CONFIG_KALLSYMS_ALL is not set!"
echo "- APatch has patched but maybe your device won't boot."
echo "- Make sure you have original boot image backup."
fi
if [ $? -ne 0 ]; then
>&2 echo "- Repack error: $?"
exit $?
fi
if [ "$FLASH_TO_DEVICE" = "true" ]; then
# flash
if [ -b "$BOOTIMAGE" ] || [ -c "$BOOTIMAGE" ] && [ -f "new-boot.img" ]; then
echo "- Flashing new boot image"
flash_image new-boot.img "$BOOTIMAGE"
if [ $? -ne 0 ]; then
>&2 echo "- Flash error: $?"
exit $?
fi
fi
echo "- Successfully Flashed!"
else
echo "- Successfully Patched!"
fi
================================================
FILE: app/src/main/assets/boot_unpatch.sh
================================================
#!/system/bin/sh
#######################################################################################
# APatch Boot Image Unpatcher
#######################################################################################
ARCH=$(getprop ro.product.cpu.abi)
# Load utility functions
. ./util_functions.sh
echo "****************************"
echo " APatch Boot Image Unpatcher"
echo "****************************"
BOOTIMAGE=$1
[ -e "$BOOTIMAGE" ] || { echo "- $BOOTIMAGE does not exist!"; exit 1; }
echo "- Target image: $BOOTIMAGE"
# Check for dependencies
command -v ./kptools >/dev/null 2>&1 || { echo "- Command kptools not found!"; exit 1; }
if [ ! -f kernel ]; then
echo "- Unpacking boot image"
set -x
./kptools unpack "$BOOTIMAGE" "$@"
patch_rc=$?
if [ $patch_rc -ne 0 ]; then
>&2 echo "- Unpack error: $patch_rc"
exit $patch_rc
fi
fi
if [ ! $(./kptools -i kernel -l | grep patched=false) ]; then
echo "- kernel has been patched "
if [ -f "new-boot.img" ]; then
echo "- found backup boot.img ,use it for recovery"
else
mv kernel kernel.ori
echo "- Unpatching kernel"
./kptools -u --image kernel.ori --out kernel "$@"
if [ $? -ne 0 ]; then
>&2 echo "- Unpatch error: $?"
exit $?
fi
echo "- Repacking boot image"
./kptools repack "$BOOTIMAGE"
if [ $? -ne 0 ]; then
>&2 echo "- Repack error: $?"
exit $?
fi
fi
else
echo "- no need unpatch"
exit 0
fi
if [ -f "new-boot.img" ]; then
echo "- Flashing boot image"
flash_image new-boot.img "$BOOTIMAGE"
if [ $? -ne 0 ]; then
>&2 echo "- Flash error: $?"
exit $?
fi
fi
echo "- Flash successful"
# Reset any error code
true
================================================
FILE: app/src/main/assets/util_functions.sh
================================================
#!/system/bin/sh
#######################################################################################
# Helper Functions (credits to topjohnwu)
#######################################################################################
APATCH_VER='0.10.4'
APATCH_VER_CODE=164
ui_print() {
if $BOOTMODE; then
echo "$1"
else
echo -e "ui_print $1\nui_print" >> /proc/self/fd/$OUTFD
fi
}
toupper() {
echo "$@" | tr '[:lower:]' '[:upper:]'
}
grep_cmdline() {
local REGEX="s/^$1=//p"
{ echo $(cat /proc/cmdline)$(sed -e 's/[^"]//g' -e 's/""//g' /proc/cmdline) | xargs -n 1; \
sed -e 's/ = /=/g' -e 's/, /,/g' -e 's/"//g' /proc/bootconfig; \
} 2>/dev/null | sed -n "$REGEX"
}
grep_prop() {
local REGEX="s/^$1=//p"
shift
local FILES=$@
[ -z "$FILES" ] && FILES='/system/build.prop'
cat $FILES 2>/dev/null | dos2unix | sed -n "$REGEX" | head -n 1
}
getvar() {
local VARNAME=$1
local VALUE
local PROPPATH='/data/.magisk /cache/.magisk'
[ ! -z $MAGISKTMP ] && PROPPATH="$MAGISKTMP/.magisk/config $PROPPATH"
VALUE=$(grep_prop $VARNAME $PROPPATH)
[ ! -z $VALUE ] && eval $VARNAME=\$VALUE
}
is_mounted() {
grep -q " $(readlink -f $1) " /proc/mounts 2>/dev/null
return $?
}
abort() {
ui_print "$1"
$BOOTMODE || recovery_cleanup
[ ! -z $MODPATH ] && rm -rf $MODPATH
rm -rf $TMPDIR
exit 1
}
set_nvbase() {
NVBASE="$1"
MAGISKBIN="$1/magisk"
}
print_title() {
local len line1len line2len bar
line1len=$(echo -n $1 | wc -c)
line2len=$(echo -n $2 | wc -c)
len=$line2len
[ $line1len -gt $line2len ] && len=$line1len
len=$((len + 2))
bar=$(printf "%${len}s" | tr ' ' '*')
ui_print "$bar"
ui_print " $1 "
[ "$2" ] && ui_print " $2 "
ui_print "$bar"
}
setup_flashable() {
ensure_bb
$BOOTMODE && return
if [ -z $OUTFD ] || readlink /proc/$$/fd/$OUTFD | grep -q /tmp; then
# We will have to manually find out OUTFD
for FD in $(ls /proc/$$/fd); do
if readlink /proc/$$/fd/$FD | grep -q pipe; then
if ps | grep -v grep | grep -qE " 3 $FD |status_fd=$FD"; then
OUTFD=$FD
break
fi
fi
done
fi
recovery_actions
}
ensure_bb() {
if set -o | grep -q standalone; then
# We are definitely in busybox ash
set -o standalone
return
fi
# Find our busybox binary
local bb
if [ -f $TMPDIR/busybox ]; then
bb=$TMPDIR/busybox
elif [ -f $MAGISKBIN/busybox ]; then
bb=$MAGISKBIN/busybox
else
abort "! Cannot find BusyBox"
fi
chmod 755 $bb
# Busybox could be a script, make sure /system/bin/sh exists
if [ ! -f /system/bin/sh ]; then
umount -l /system 2>/dev/null
mkdir -p /system/bin
ln -s $(command -v sh) /system/bin/sh
fi
export ASH_STANDALONE=1
# Find our current arguments
# Run in busybox environment to ensure consistent results
# /proc//cmdline shall be
](https://f-droid.org/packages/me.bmax.apatch/)
Or download the latest APK from the [Releases Section](https://github.com/bmax121/APatch/releases/latest).
## Supported Versions
- Only supports the ARM64 architecture.
- Only supports Android kernel versions 3.18 - 6.12
Support for Samsung devices with security protection: Planned
## Requirement
Kernel configs:
- `CONFIG_KALLSYMS=y` and `CONFIG_KALLSYMS_ALL=y`
- `CONFIG_KALLSYMS=y` and `CONFIG_KALLSYMS_ALL=n`: Initial support
## Security Alert
The **SuperKey** has higher privileges than root access.
Weak or compromised keys can lead to unauthorized control of your device.
It is critical to use robust keys and safeguard them from exposure to maintain the security of your device.
## Translation
To help translate APatch or improve existing translations, please use [Weblate](https://hosted.weblate.org/engage/apatch/). PR of APatch translation is no longer accepted, because it will conflict with Weblate.