#!/sbin/sh ########################################################################################## # # NanoDroid Patcher survival script # by Nanolx # ########################################################################################## ########################################################################################## # Generic Functions ########################################################################################## setup_environment () { TMPDIR=/dev/tmp/install export ANDROID_DATA="${TMPDIR}" PATH="${PATH}:/system/bin:/system/xbin" MAGISK_IMG=/data/adb/magisk.img MAGISK_PATH=/dev/tmp/magisk_img } ui_print() { if $BOOTMODE; then echo "$1" else echo -n -e "ui_print $1\n" >> /proc/self/fd/$OUTFD echo -n -e "ui_print\n" >> /proc/self/fd/$OUTFD fi } is_mounted () { if [ ! -z "$2" ]; then cat /proc/mounts | grep $1 | grep $2, >/dev/null else cat /proc/mounts | grep $1 >/dev/null fi return $? } mount_image() { if [ ! -d "$2" ]; then mount -o rw,remount rootfs / mkdir -p "$2" 2>/dev/null [ ! -d "$2" ] && return 1 fi if ! is_mounted "$2"; then LOOPDEVICE= for LOOP in 0 1 2 3 4 5 6 7; do if ! is_mounted "$2"; then LOOPDEVICE=/dev/block/loop$LOOP [ -e $LOOPDEVICE ] || mknod $LOOPDEVICE b 7 $LOOP 2>/dev/null losetup $LOOPDEVICE "$1" && mount -t ext4 -o loop $LOOPDEVICE "$2" if is_mounted "$2"; then break; fi fi done fi } # taken from Magisk, with minor modifications for NanoDroid mount_partitions () { SLOT=$(grep_cmdline androidboot.slot_suffix) if [ -z ${SLOT} ]; then SLOT=_$(grep_cmdline androidboot.slot) [ "${SLOT}" = "_" ] && SLOT= fi is_mounted /data || mount /data ${BOOTMODE} || mount -o bind /dev/urandom /dev/random ! is_mounted /system && mount -o rw /system if [ ! -f /system/build.prop ]; then SYSTEMBLOCK=$(find /dev/block -iname system${SLOT} | head -n 1) mount -t ext4 -o rw ${SYSTEMBLOCK} /system fi [ -f /system/build.prop ] || is_mounted /system || error "failed to mount /system (unsupported A/B device?)" if [ -f /system/init ]; then mkdir /system_root 2>/dev/null mount --move /system /system_root mount -o bind /system_root/system /system fi [ ! -f /system/build.prop ] && error "failed to mount /system (unsupported A/B device?)" } error () { ui_print "${@}" magisk_cleanup exit 1 } ########################################################################################## # Device Functions ########################################################################################## detect_outfd () { readlink /proc/$$/fd/$OUTFD 2>/dev/null | grep /tmp >/dev/null if [ "$?" -eq "0" ]; then OUTFD=0 for FD in `ls /proc/$$/fd`; do readlink /proc/$$/fd/$FD 2>/dev/null | grep pipe >/dev/null if [ "$?" -eq "0" ]; then ps | grep " 3 $FD " | grep -v grep >/dev/null if [ "$?" -eq "0" ]; then OUTFD=$FD break fi fi done fi } detect_bootmode () { ps | grep zygote | grep -v grep >/dev/null && BOOTMODE=true || BOOTMODE=false ${BOOTMODE} || ps -A 2>/dev/null | grep zygote | grep -v grep >/dev/null && BOOTMODE=true ${BOOTMODE} || id | grep -q 'uid=0' || BOOTMODE=true } grep_prop() { REGEX="${1}" shift FILES="${@}" [ -z "${@}" ] && FILES='/system/build.prop' sed -n "s/^${REGEX}=//p" ${FILES} | \ head -n 1 } grep_cmdline() { local REGEX="s/^${1}=//p" sed -E 's/ +/\n/g' /proc/cmdline | \ sed -n "${REGEX}" 2>/dev/null } detect_odex () { SERVICES_JAR_ODEX=$(unzip -lq /system/framework/services.jar | grep classes.dex) if [ "${SERVICES_JAR_ODEX}" ]; then ROM_DEX_STATUS=NONE else if [ -n "$(find '/system/framework/' -name '*.vdex')" ]; then ui_print " " ui_print " ++" ui_print " ++ vdexed ROM detected" ui_print " ++" ROM_DEX_STATUS=VDEX elif [ -n "$(find '/system/framework/' -name '*.odex')" ]; then ui_print " " ui_print " !! " ui_print " !! odexed ROMs are not supported" ui_print " !! patching will fail, if you have" ui_print " !! not manually deodexed services.jar" # ui_print " !! odexed ROM detected!" ui_print " !!" ROM_DEX_STATUS=ODEX fi fi } detect_arch () { ABI=$(grep_prop ro.product.cpu.abi | cut -c-3) ABI2=$(grep_prop ro.product.cpu.abi2 | cut -c-3) ABILONG=$(grep_prop ro.product.cpu.abi) ARCH=arm [ "$ABI" = "x86" ] && ARCH=x86 [ "$ABI2" = "x86" ] && ARCH=x86 [ "$ABILONG" = "arm64-v8a" ] && ARCH=arm64 [ "$ABILONG" = "x86_64" ] && ARCH=x86_64 case ${ARCH} in arm | arm64 ) FILE=${BASEDIR}/file.arm ZIPB=${BASEDIR}/zip.arm V_EX=${BASEDIR}/vdexExtractor.arm ;; x86 | x86_64 ) FILE=${BASEDIR}/file.x86 ZIPB=${BASEDIR}/zip.x86 V_EX=${BASEDIR}/vdexExtractor.x86 ;; esac case ${ARCH} in arm | x86 ) C_LD="/system/lib:/system/vendor/lib" ;; arm64 | x86_64 ) C_LD="/system/lib64:/system/vendor/lib64" ;; esac ui_print " > device architecture: ${ARCH}" } detect_sdk () { SDK_VERSION=$(grep_prop ro.build.version.sdk) [ "${SDK_VERSION}" -gt 28 ] && \ error " !! Android versions beyond Pie are not yet supported" [ "${SDK_VERSION}" -lt 16 ] && \ error " !! Android versions before Jelly Bean are not supported" if [ "${SDK_VERSION}" -lt 24 ]; then ui_print " > Android 4.1 - 6.0 (SDK ${SDK_VERSION}) detected" PATCH_HOOK="${BASEDIR}/hook_4.1-6.0_services.jar.dex" PATCH_UI_SERVICES="${BASEDIR}/ui_4.1-6.0_services.jar.dex" else ui_print " > Android 7.0 - 9.0 (SDK ${SDK_VERSION}) detected" PATCH_HOOK="${BASEDIR}/hook_7.0-9.0_services.jar.dex" fi [ "${SDK_VERSION}" -gt 21 ] && DEX_OPTS="--multi-dex-threaded" } ########################################################################################## # Magisk Functions ########################################################################################## grow_magisk_img () { request_size_check /tmp/services.jar image_size_check ${MAGISK_IMG} if [ "$reqSizeM" -gt "$curFreeM" ]; then SIZE=$(((reqSizeM + curUsedM) / 32 * 32 + 64)) resize2fs -f ${MAGISK_IMG} ${SIZE}M e2fsck -yf ${MAGISK_IMG} fi } shrink_magisk_img () { image_size_check ${MAGISK_IMG} NEWDATASIZE=$((curUsedM / 32 * 32 + 32)) if [ "$curSizeM" -gt "$NEWDATASIZE" ]; then resize2fs -f ${MAGISK_IMG} ${NEWDATASIZE}M e2fsck -yf ${MAGISK_IMG} fi } request_size_check() { reqSizeM=`unzip -l "$1" 2>/dev/null | tail -n 1 | awk '{ print $1 }'` reqSizeM=$((reqSizeM / 1048576 + 1)) } image_size_check() { e2fsck -yf $1 curBlocks=`e2fsck -n $1 2>/dev/null | grep $1 | cut -d, -f3 | cut -d\ -f2`; curUsedM=`echo "$curBlocks" | cut -d/ -f1` curSizeM=`echo "$curBlocks" | cut -d/ -f1` curFreeM=$(((curSizeM - curUsedM) * 4 / 1024)) curUsedM=$((curUsedM * 4 / 1024 + 1)) curSizeM=$((curSizeM * 4 / 1024)) } magisk_setup () { if [ -f ${MAGISK_IMG} ]; then grow_magisk_img || \ error " !! failed to grow magisk.img" mount_image ${MAGISK_IMG} ${MAGISK_PATH} || \ error " !! failed to mount ${MAGISK_PATH}" fi } magisk_cleanup () { if (is_mounted ${MAGISK_PATH}); then umount ${MAGISK_PATH} losetup -d $LOOPDEVICE rmdir ${MAGISK_PATH} shrink_magisk_img || \ error " !! failed to shrink magisk.img" fi } ########################################################################################## # Patcher Functions ########################################################################################## setup_patcher () { ui_print " > preparing environment" rm -rf ${TMPDIR} mkdir -p ${TMPDIR} unzip -o "${ZIP}" -d ${TMPDIR} || \ error " !! failed to prepare environment" for bin in zip.arm zip.x86 file.arm file.x86 \ vdexExtractor.arm vdexExtractor.x86; do chmod 0755 "${BASEDIR}/${bin}" || \ error " !! failed to prepare environment" done } patch_services () { ui_print " " ui_print " > patching signature spoofing support" ui_print " " cp /system/framework/services.jar \ ${BASEDIR}/services.jar || \ error " !! failed to copy services.jar" # # XXX deodex stuff # if [ "${ROM_DEX_STATUS}" = "VDEX" ]; then ui_print " >> deodexing services.jar [VDEX]" cp /system/framework/oat/${ARCH}/services.vdex \ ${BASEDIR}/services.vdex || \ error " !! failed to copy services.vdex" LD_LIBRARY_PATH=${C_LD} \ ${V_EX} -i ${BASEDIR}/services.vdex --ignore-crc-error || \ error " !! failed to deodex services.vdex" mv ${BASEDIR}/services.apk_classes.dex ${BASEDIR}/classes.dex || \ error " !! failed to deodex services.vdex" # just in case | not allowed to call error() ! LD_LIBRARY_PATH=${C_LD} \ ${ZIPB} -d "${BASEDIR}/services.jar" \ 'classes.dex' LD_LIBRARY_PATH=${C_LD} \ ${ZIPB} -j "${BASEDIR}/services.jar" \ "${BASEDIR}/classes.dex" || \ error " !! zip failed" # # XXX baksmali currently crashes on a real device, thus ODEX is not (yet) supported! # XXX though the code itself is fine, so feel free to test # # elif [ "${ROM_DEX_STATUS}" = "ODEX" ]; then # ui_print " >> deodexing services.jar [ODEX]" # # mkdir -p "${BASEDIR}/services.jar-mod" \ # "${BASEDIR}/services.jar-deodex" # unzip -d "${BASEDIR}/services.jar-mod" "${BASEDIR}/services.jar" # # LD_LIBRARY_PATH=${C_LD} \ # /system/bin/dalvikvm \ # -Xbootclasspath:"${BOOTCLASSES}" \ # -classpath "${BASEDIR}/baksmali.dex" \ # org.jf.baksmali.Main \ # x "${BASEDIR}/services.jar-mod/classes.dex" \ # -b /system/framework/core-oj.jar \ # -o "${BASEDIR}/services.jar-deodex" || \ # error " !! failed to deodex services.jar" # # # just in case | not allowed to call error() ! # LD_LIBRARY_PATH=${C_LD} \ # ${ZIPB} -d "${BASEDIR}/services.jar" \ # 'classes.dex' # # LD_LIBRARY_PATH=${C_LD} \ # ${ZIPB} -j "${BASEDIR}/services.jar" \ # "${BASEDIR}/services.jar-deodex/classes.dex" || \ # error " !! zip failed" # # rm -rf "${BASEDIR}/services.jar-deodex" \ # "${BASEDIR}/services.jar-mod" fi mkdir -p "${BASEDIR}/services.jar-mod" PATCHES="${PATCH_HOOK} ${PATCH_CORE}" ui_print " >> patching services.jar" LD_LIBRARY_PATH=${C_LD} \ /system/bin/dalvikvm \ -classpath "${BASEDIR}/dexpatcher.dex" \ lanchon.dexpatcher.Main \ ${DEX_OPTS} --api-level "${SDK_VERSION}" \ --verbose --output ${BASEDIR}/services.jar-mod \ ${BASEDIR}/services.jar ${PATCHES} || \ error " !! failed to apply patches" LD_LIBRARY_PATH=${C_LD} \ ${ZIPB} -d "${BASEDIR}/services.jar" \ 'classes.dex' || \ error " !! zip failed" LD_LIBRARY_PATH=${C_LD} \ ${ZIPB} -j "${BASEDIR}/services.jar" \ "${BASEDIR}/services.jar-mod/classes.dex" || \ error " !! zip failed" } backup_services_jar () { ui_print " << backing up services.jar to: /sdcard/nanodroid_backups" mkdir -p /sdcard/nanodroid_backups cp /system/framework/services.jar /sdcard/nanodroid_backups || \ error " !! failed to backup services.jar" } install_services () { ui_print " " for destination in /dev/tmp/magisk_img/NanoDroid /dev/tmp/magisk_img/NanoDroid_microG \ /sbin/.core/img/NanoDroid /sbin/.core/img/NanoDroid_microG /; do if [ -d ${destination} ]; then install_path="${destination}" break fi done if [ "${install_path}" = "/" ]; then mount -orw,remount /system || \ error " !! failed to mount /system read-write" backup_services_jar fi ui_print " << installing patched files to: ${install_path}" mkdir -p "${install_path}/system/framework" cp ${BASEDIR}/services.jar "${install_path}/system/framework" \ || error " !! failed to install services.jar" if [ "${install_path}" = "/" ]; then echo /system/framework/services.jar >> /data/adb/NanoDroid_FileList fi touch /data/adb/NanoDroid_Patched } ########################################################################################## # addon.d ########################################################################################## install_addond () { ui_print " " ui_print " Installing addon.d restoration setup" mkdir -p /data/adb/nanodroid_patcher [ -d /data/nanomod.patcher ] && rm -rf /data/nanomod.patcher [ -d /data/adb/nanomod_patcher ] && rm -rf /data/nanomod_patcher rm -f /system/addon.d/75-nanomodpatcher.sh \ /system/addon.d/75-nanodroidpatcher.sh for file in core_services.jar.dex dexpatcher.dex file.arm file.x86 \ hook_4.1-6.0_services.jar.dex hook_7.0-9.0_services.jar.dex \ zip.arm zip.x86 magic.mgc; do cp "${BASEDIR}/${file}" /data/adb/nanodroid_patcher/ done cp /dev/tmp/CommonPatcher /data/adb/nanodroid_patcher/ cp "${BASEDIR}/999-nanodroidpatcher.sh" /system/addon.d/ chmod 0755 /system/addon.d/999-nanodroidpatcher.sh }