forked from topjohnwu/Magisk
-
Notifications
You must be signed in to change notification settings - Fork 0
/
boot_patch.sh
192 lines (164 loc) · 6.3 KB
/
boot_patch.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
#!/system/bin/sh
##########################################################################################
#
# Magisk Boot Image Patcher
# by topjohnwu
#
# Usage: boot_patch.sh <bootimage>
#
# The following flags can be set in environment variables:
# KEEPVERITY, KEEPFORCEENCRYPT
#
# This script should be placed in a directory with the following files:
#
# File name Type Description
#
# boot_patch.sh script A script to patch boot. Expect path to boot image as parameter.
# (this file) The script will use binaries and files in its same directory
# to complete the patching process
# util_functions.sh script A script which hosts all functions requires for this script
# to work properly
# magiskinit binary The binary to replace /init, which has the magisk binary embedded
# magiskboot binary A tool to unpack boot image, decompress ramdisk, extract ramdisk,
# and patch the ramdisk for Magisk support
# chromeos folder This folder should store all the utilities and keys to sign
# (optional) a chromeos device. Used for Pixel C
#
# If the script is not running as root, then the input boot image should be a stock image
# or have a backup included in ramdisk internally, since we cannot access the stock boot
# image placed under /data we've created when previously installed
#
##########################################################################################
##########################################################################################
# Functions
##########################################################################################
# Pure bash dirname implementation
getdir() {
case "$1" in
*/*) dir=${1%/*}; [ -z $dir ] && echo "/" || echo $dir ;;
*) echo "." ;;
esac
}
##########################################################################################
# Initialization
##########################################################################################
if [ -z $SOURCEDMODE ]; then
# Switch to the location of the script file
cd "`getdir "${BASH_SOURCE:-$0}"`"
# Load utility functions
. ./util_functions.sh
fi
BOOTIMAGE="$1"
[ -e "$BOOTIMAGE" ] || abort "$BOOTIMAGE does not exist!"
# Flags
[ -z $KEEPVERITY ] && KEEPVERITY=false
[ -z $KEEPFORCEENCRYPT ] && KEEPFORCEENCRYPT=false
[ -z $RECOVERYMODE ] && RECOVERYMODE=false
chmod -R 755 .
# Extract magisk if doesn't exist
[ -e magisk ] || ./magiskinit -x magisk magisk
##########################################################################################
# Unpack
##########################################################################################
CHROMEOS=false
ui_print "- Unpacking boot image"
./magiskboot unpack "$BOOTIMAGE"
case $? in
1 )
abort "! Unsupported/Unknown image format"
;;
2 )
ui_print "- ChromeOS boot image detected"
CHROMEOS=true
;;
esac
##########################################################################################
# Ramdisk restores
##########################################################################################
# Test patch status and do restore
ui_print "- Checking ramdisk status"
if [ -e ramdisk.cpio ]; then
./magiskboot cpio ramdisk.cpio test
STATUS=$?
else
# Stock A only system-as-root
STATUS=0
fi
case $((STATUS & 3)) in
0 ) # Stock boot
ui_print "- Stock boot image detected"
ui_print "- Backing up stock boot image"
SHA1=`./magiskboot --sha1 "$BOOTIMAGE" 2>/dev/null`
STOCKDUMP=stock_boot_${SHA1}.img.gz
./magiskboot compress "$BOOTIMAGE" $STOCKDUMP
cp -af ramdisk.cpio ramdisk.cpio.orig 2>/dev/null
;;
1 ) # Magisk patched
ui_print "- Magisk patched boot image detected"
# Find SHA1 of stock boot image
[ -z $SHA1 ] && SHA1=`./magiskboot --cpio ramdisk.cpio sha1 2>/dev/null`
./magiskboot cpio ramdisk.cpio restore
if ./magiskboot cpio ramdisk.cpio "exists init.rc"; then
# Normal boot image
cp -af ramdisk.cpio ramdisk.cpio.orig
else
# A only system-as-root
rm -f ramdisk.cpio
fi
;;
2 ) # Unsupported
ui_print "! Boot image patched by unsupported programs"
abort "! Please restore back to stock boot image"
;;
esac
##########################################################################################
# Ramdisk patches
##########################################################################################
ui_print "- Patching ramdisk"
echo "KEEPVERITY=$KEEPVERITY" > config
echo "KEEPFORCEENCRYPT=$KEEPFORCEENCRYPT" >> config
[ ! -z $SHA1 ] && echo "SHA1=$SHA1" >> config
[ -f recovery_dtbo ] && echo "RECOVERYMODE=true" >> config
./magiskboot cpio ramdisk.cpio \
"add 750 init magiskinit" \
"patch $KEEPVERITY $KEEPFORCEENCRYPT" \
"backup ramdisk.cpio.orig" \
"mkdir 000 .backup" \
"add 000 .backup/.magisk config"
if [ $((STATUS & 4)) -ne 0 ]; then
ui_print "- Compressing ramdisk"
./magiskboot --cpio ramdisk.cpio compress
fi
rm -f ramdisk.cpio.orig config
##########################################################################################
# Binary patches
##########################################################################################
if ! $KEEPVERITY; then
for dt in dtb kernel_dtb extra recovery_dtbo; do
[ -f $dt ] && ./magiskboot dtb-patch $dt && ui_print "- Removing dm(avb)-verity in $dt"
done
fi
if [ -f kernel ]; then
# Remove Samsung RKP
./magiskboot hexpatch kernel \
49010054011440B93FA00F71E9000054010840B93FA00F7189000054001840B91FA00F7188010054 \
A1020054011440B93FA00F7140020054010840B93FA00F71E0010054001840B91FA00F7181010054
# Remove Samsung defex
# Before: [mov w2, #-221] (-__NR_execve)
# After: [mov w2, #-32768]
./magiskboot hexpatch kernel 821B8012 E2FF8F12
# Force kernel to load rootfs
# skip_initramfs -> want_initramfs
./magiskboot hexpatch kernel \
736B69705F696E697472616D667300 \
77616E745F696E697472616D667300
fi
##########################################################################################
# Repack and flash
##########################################################################################
ui_print "- Repacking boot image"
./magiskboot repack "$BOOTIMAGE" || abort "! Unable to repack boot image!"
# Sign chromeos boot
$CHROMEOS && sign_chromeos
# Reset any error code
true