mirror of
https://gitlab.com/Nanolx/NanoDroid
synced 2024-11-07 15:20:36 +00:00
533 lines
14 KiB
Bash
533 lines
14 KiB
Bash
#!/sbin/sh
|
|
##########################################################################################
|
|
#
|
|
# NanoDroid Patcher survival script
|
|
# by Nanolx
|
|
#
|
|
##########################################################################################
|
|
|
|
##########################################################################################
|
|
# Generic Functions
|
|
##########################################################################################
|
|
|
|
setup_environment () {
|
|
TMPDIR=/dev/tmp/install
|
|
|
|
export ANDROID_DATA=${TMPDIR}
|
|
export PATCHER_ADDOND_DATA=/data/adb/nanodroid_patcher
|
|
|
|
if [ -f /data/adb/magisk/util_functions.sh ]; then
|
|
NVBASE=/data/adb
|
|
elif [ -f /data/magisk/util_functions.sh ]; then
|
|
NVBASE=/data
|
|
fi
|
|
}
|
|
|
|
ui_print() {
|
|
echo -n -e "ui_print $1\n" >> /proc/self/fd/$OUTFD
|
|
echo -n -e "ui_print\n" >> /proc/self/fd/$OUTFD
|
|
}
|
|
|
|
is_mounted () {
|
|
if [ ! -z "$2" ]; then
|
|
cat /proc/mounts | grep $1 | grep $2, >/dev/null
|
|
else
|
|
cat /proc/mounts | grep $1 >/dev/null
|
|
fi
|
|
return $?
|
|
}
|
|
|
|
|
|
# taken from Magisk, with minor modifications for NanoDroid
|
|
mount_partitions () {
|
|
SLOT=$(grep_cmdline androidboot.slot_suffix)
|
|
if [ -z ${SLOT} ]; then
|
|
SLOT=_$(grep_cmdline androidboot.slot)
|
|
[ "${SLOT}" = "_" ] && SLOT=
|
|
fi
|
|
|
|
is_mounted /data || mount /data || error "failed to mount /data!"
|
|
|
|
${BOOTMODE} || mount -o bind /dev/urandom /dev/random
|
|
|
|
! is_mounted /system && mount -o rw /system || mount -o rw,remount /system
|
|
|
|
if [ ! -f /system/build.prop ]; then
|
|
SYSTEMBLOCK=$(find /dev/block -iname system${SLOT} | head -n 1)
|
|
mount -o rw ${SYSTEMBLOCK} /system
|
|
fi
|
|
|
|
[ -f /system/build.prop ] || is_mounted /system || error "failed to mount /system (unsupported A/B device?)"
|
|
|
|
if [ -f /system/init.rc ]; then
|
|
mkdir /system_root 2>/dev/null
|
|
mount --move /system /system_root
|
|
mount -o bind /system_root/system /system
|
|
fi
|
|
|
|
[ ! -f /system/build.prop ] && error "failed to mount /system (unsupported A/B device?)"
|
|
|
|
if [ -L /system/vendor ]; then
|
|
! is_mounted /vendor && mount /vendor
|
|
if ! is_mounted /vendor; then
|
|
VENDORBLOCK=$(find /dev/block -iname vendor${SLOT} | head -n 1)
|
|
mount -o ro ${VENDORBLOCK} /vendor
|
|
fi
|
|
elif [ -d /system/vendor ]; then
|
|
### XXX work-around required for some ROMs
|
|
echo " xxx compat /vendor link created!"
|
|
ln -sf /system/vendor /vendor >/dev/null
|
|
fi
|
|
|
|
mount | awk '{print $1 " on " $3}'
|
|
}
|
|
|
|
error () {
|
|
ui_print " "
|
|
ui_print " !! ${@}"
|
|
ui_print " "
|
|
|
|
exit 1
|
|
}
|
|
|
|
set_perm () {
|
|
chown ${2}:${3} ${1} || error "failed change owner for ${1}"
|
|
chmod ${4} ${1} || error "failed to change mode for ${1}"
|
|
|
|
if [ ! -z "${5}" ]; then
|
|
chcon ${5} ${1} 2>/dev/null
|
|
else chcon 'u:object_r:system_file:s0' ${1} 2>/dev/null
|
|
fi
|
|
}
|
|
|
|
set_perm_recursive() {
|
|
find ${1} -type d 2>/dev/null | while read dir; do
|
|
set_perm ${dir} ${2} ${3} ${4} ${6}
|
|
done
|
|
find ${1} -type f 2>/dev/null | while read file; do
|
|
set_perm ${file} ${2} ${3} ${5} ${6}
|
|
done
|
|
}
|
|
|
|
set_perm_data () {
|
|
if [ "${1}" = "-r" ]; then
|
|
echo " perm: data [recursive] {${2}}"
|
|
set_perm_recursive ${2} 0 0 0755 0644
|
|
else
|
|
echo " perm: data [single] {${1}}"
|
|
set_perm ${1} 0 0 0644
|
|
fi
|
|
}
|
|
|
|
##########################################################################################
|
|
# Device Functions
|
|
##########################################################################################
|
|
|
|
detect_outfd () {
|
|
if [ -z $OUTFD ] || readlink /proc/$$/fd/$OUTFD | grep -q /tmp; then
|
|
# We will have to manually find out OUTFD
|
|
for FD in `ls /proc/$$/fd`; do
|
|
if readlink /proc/$$/fd/$FD | grep -q pipe; then
|
|
if ps | grep -v grep | grep -q " 3 $FD "; then
|
|
OUTFD=$FD
|
|
break
|
|
fi
|
|
fi
|
|
done
|
|
fi
|
|
}
|
|
|
|
detect_bootmode () {
|
|
[ -z ${BOOTMODE} ] && BOOTMODE=false
|
|
${BOOTMODE} || ps | grep zygote | grep -qv grep && BOOTMODE=true
|
|
${BOOTMODE} || ps -A | grep zygote | grep -qv grep && BOOTMODE=true
|
|
}
|
|
|
|
grep_prop() {
|
|
[ -f /vendor/build.prop ] && \
|
|
FILES="/system/build.prop /vendor/build.prop" || \
|
|
FILES="/system/build.prop"
|
|
|
|
sed -n "s/^${1}=//p" ${FILES} | head -n 1
|
|
}
|
|
|
|
grep_cmdline() {
|
|
local REGEX="s/^${1}=//p"
|
|
sed -E 's/ +/\n/g' /proc/cmdline | \
|
|
sed -n "${REGEX}" 2>/dev/null
|
|
}
|
|
|
|
detect_odex () {
|
|
SERVICES_JAR_DEX=$(unzip -lq /system/framework/services.jar | grep classes.dex)
|
|
|
|
if [ -n "$(find '/system/framework/' -name 'services.vdex')" ]; then
|
|
ROM_DEX_STATUS=VDEX
|
|
elif [ -n "$(find '/system/framework/' -name 'services.odex')" ]; then
|
|
ROM_DEX_STATUS=ODEX
|
|
else ROM_DEX_STATUS=UNKOWN
|
|
fi
|
|
|
|
[ "${SERVICES_JAR_DEX}" ] && ROM_DEX_STATUS=DEODEX
|
|
|
|
ui_print " "
|
|
ui_print " ++"
|
|
ui_print " ++ services.jar status: ${ROM_DEX_STATUS}"
|
|
ui_print " ++"
|
|
|
|
[ "${SDK_VERSION}" -gt 27 -a "${ROM_DEX_STATUS}" != "DEODEX" ] && \
|
|
error "Pie is only supported on de-odexed ROMs currently"
|
|
}
|
|
|
|
detect_arch () {
|
|
ABI=$(grep_prop ro.product.cpu.abi | cut -c-3)
|
|
ABI2=$(grep_prop ro.product.cpu.abi2 | cut -c-3)
|
|
ABILONG=$(grep_prop ro.product.cpu.abi)
|
|
|
|
ARCH=arm
|
|
|
|
[ "$ABI" = "x86" ] && ARCH=x86
|
|
[ "$ABI2" = "x86" ] && ARCH=x86
|
|
[ "$ABILONG" = "arm64-v8a" ] && ARCH=arm64
|
|
[ "$ABILONG" = "x86_64" ] && ARCH=x86_64
|
|
|
|
case ${ARCH} in
|
|
arm | arm64 )
|
|
ZIPB=${BASEDIR}/zip.arm
|
|
FILE=${BASEDIR}/file.arm
|
|
|
|
if [ -f ${TMPDIR}/busybox.arm ]; then
|
|
BUSY=${TMPDIR}/busybox.arm
|
|
else BUSY=${BASEDIR}/busybox.arm
|
|
fi
|
|
;;
|
|
x86 | x86_64 )
|
|
ZIPB=${BASEDIR}/zip.x86
|
|
FILE=${BASEDIR}/file.x86
|
|
|
|
if [ -f ${TMPDIR}/busybox.x86 ]; then
|
|
BUSY=${TMPDIR}/busybox.x86
|
|
else BUSY=${BASEDIR}/busybox.x86
|
|
fi
|
|
;;
|
|
esac
|
|
|
|
V_EX=${BASEDIR}/vdexExtractor.${ARCH}
|
|
|
|
chmod 0755 ${BUSY}
|
|
|
|
rm -rf ${BASEDIR}/busybox
|
|
mkdir -p ${BASEDIR}/busybox
|
|
|
|
ln -sf ${BUSY} ${BASEDIR}/busybox/busybox
|
|
${BUSY} --install -s ${BASEDIR}/busybox/
|
|
|
|
export PATH="${BASEDIR}/busybox:/system/bin:/system/xbin"
|
|
|
|
DALVIKVM_BIN=$(ls -l /system/bin/dalvikvm | awk '{print $NF}')
|
|
DALVIKVM_ARCH=$("${FILE}" -m "${BASEDIR}/magic.mgc" -L /system/bin/dalvikvm)
|
|
|
|
case ${DALVIKVM_BIN} in
|
|
dalvikvm32 )
|
|
export LD_LIBRARY_PATH="/system/lib:/vendor/lib:/system/vendor/lib"
|
|
;;
|
|
|
|
dalvikvm64 )
|
|
export LD_LIBRARY_PATH="/system/lib64:/vendor/lib64:/system/vendor/lib64"
|
|
;;
|
|
|
|
dalvikvm )
|
|
case ${DALVIKVM_ARCH} in
|
|
*32-bit* )
|
|
export LD_LIBRARY_PATH="/system/lib:/vendor/lib:/system/vendor/lib"
|
|
;;
|
|
|
|
*64-bit* )
|
|
export LD_LIBRARY_PATH="/system/lib64:/vendor/lib64:/system/vendor/lib64"
|
|
;;
|
|
esac
|
|
;;
|
|
esac
|
|
|
|
ui_print " > device architecture: ${ARCH}"
|
|
}
|
|
|
|
detect_sdk () {
|
|
SDK_VERSION=$(grep_prop ro.build.version.sdk)
|
|
|
|
[ "${SDK_VERSION}" -gt 28 ] && \
|
|
error "Android versions beyond Pie are not yet supported"
|
|
|
|
[ "${SDK_VERSION}" -lt 16 ] && \
|
|
error "Android versions before Jelly Bean are not supported"
|
|
|
|
if [ "${SDK_VERSION}" -gt 25 ]; then
|
|
BAKSMALI="${BASEDIR}/baksmali_26.dex"
|
|
SMALI="${BASEDIR}/smali_26.dex"
|
|
elif [ "${SDK_VERSION}" -gt 23 ]; then
|
|
BAKSMALI="${BASEDIR}/baksmali_25.dex"
|
|
SMALI="${BASEDIR}/smali_25.dex"
|
|
else
|
|
BAKSMALI="${BASEDIR}/baksmali_23.dex"
|
|
SMALI="${BASEDIR}/smali_23.dex"
|
|
fi
|
|
|
|
PATCH_CORE="${BASEDIR}/core_services.jar.dex"
|
|
|
|
if [ "${SDK_VERSION}" -lt 24 ]; then
|
|
ui_print " > Android 4.1 - 6.0 (SDK ${SDK_VERSION}) detected"
|
|
PATCH_HOOK="${BASEDIR}/hook_4.1-6.0_services.jar.dex"
|
|
else
|
|
ui_print " > Android 7.0 - 9.0 (SDK ${SDK_VERSION}) detected"
|
|
PATCH_HOOK="${BASEDIR}/hook_7.0-9.0_services.jar.dex"
|
|
fi
|
|
|
|
[ "${SDK_VERSION}" -gt 21 ] && DEX_OPTS="--multi-dex-threaded"
|
|
}
|
|
|
|
##########################################################################################
|
|
# by @ale5000
|
|
##########################################################################################
|
|
|
|
search_fake_package_signature () {
|
|
PERMISSION=android.permission.FAKE_PACKAGE_SIGNATURE
|
|
PERMISSION_OD=$(echo -n "${PERMISSION}" | od -A n -t x1 | tr -d '\n' | sed -e 's/^ //g;s/ /00/g')
|
|
HAS_FAKESIGN=false
|
|
|
|
FW_RES_DIR="${TMPDIR}/framework-res"
|
|
|
|
if [ ! -f ${FW_RES_DIR}/AndroidManifest.xml ]; then
|
|
mkdir -p "${FW_RES_DIR}"
|
|
unzip -oq /system/framework/framework-res.apk -d "${FW_RES_DIR}"
|
|
fi
|
|
|
|
grep -qF "${PERMISSION}" "${FW_RES_DIR}/AndroidManifest.xml" && HAS_FAKESIGN=true
|
|
od -A n -t x1 "${FW_RES_DIR}/AndroidManifest.xml" | tr -d ' \n' | grep -qF "${PERMISSION_OD}" && HAS_FAKESIGN=true
|
|
|
|
${HAS_FAKESIGN} && return 0 || return 1
|
|
}
|
|
|
|
##########################################################################################
|
|
# Patcher Functions
|
|
##########################################################################################
|
|
|
|
setup_patcher () {
|
|
ui_print " > preparing environment"
|
|
|
|
rm -rf ${TMPDIR}
|
|
mkdir -p ${TMPDIR}
|
|
|
|
unzip -oq "${ZIP}" -d ${TMPDIR} || \
|
|
error "failed to prepare environment"
|
|
|
|
for bin in zip.arm zip.x86 \
|
|
vdexExtractor.arm vdexExtractor.x86 \
|
|
vdexExtractor.arm64 vdexExtractor.x86_64 \
|
|
file.arm file.x86; do
|
|
chmod 0755 "${BASEDIR}/${bin}" || \
|
|
error "failed to prepare environment"
|
|
done
|
|
|
|
mkdir -p /data/adb/
|
|
}
|
|
|
|
call_dalvikvm () {
|
|
for jar in /system/framework/*.jar ; do
|
|
BOOTCLASSES=${BOOTCLASSES}:${jar}
|
|
done
|
|
|
|
DALVIKVM_OPTS="-verbose:gc -verbose:jit -verbose:jni \
|
|
-verbose:class -Xnodex2oat -Xnoimage-dex2oat"
|
|
|
|
if [ "${ROM_DEX_STATUS}" = "DEODEX" ]; then
|
|
/system/bin/dalvikvm \
|
|
-Xbootclasspath:${BOOTCLASSES} \
|
|
${DALVIKVM_OPTS} \
|
|
"${@}"
|
|
else
|
|
/system/bin/dalvikvm \
|
|
${DALVIKVM_OPTS} \
|
|
"${@}"
|
|
fi
|
|
}
|
|
|
|
deodex_vdex () {
|
|
ui_print " >> deodexing services.jar [VDEX]"
|
|
|
|
cp /system/framework/oat/${ARCH}/services.vdex \
|
|
${BASEDIR}/services.vdex || \
|
|
error "failed to copy services.vdex"
|
|
|
|
${V_EX} -i ${BASEDIR}/services.vdex \
|
|
--ignore-crc-error --debug=4 || \
|
|
error "failed to deodex services.vdex"
|
|
|
|
mv ${BASEDIR}/services.apk_classes.dex ${BASEDIR}/classes.dex || \
|
|
error "failed to deodex services.vdex"
|
|
|
|
${ZIPB} -j "${BASEDIR}/services.jar" \
|
|
"${BASEDIR}/classes.dex" || \
|
|
error "zip failed"
|
|
}
|
|
|
|
deodex_odex () {
|
|
ui_print " >> deodexing services.jar [ODEX]"
|
|
|
|
cp "/system/framework/oat/${ARCH}/services.odex" "${BASEDIR}"
|
|
|
|
# baksmali/smali options switches (version dependent)
|
|
MAIN=Main
|
|
DEODEX="x"
|
|
ASSEMBLE="a"
|
|
BOOTCLASSPATH="-b"
|
|
CLASSPATHDIR="-d"
|
|
|
|
if [ "${SDK_VERSION}" -lt 24 ]; then
|
|
MAIN=main
|
|
DEODEX="-x"
|
|
ASSEMBLE=
|
|
BOOTCLASSPATH="-c"
|
|
fi
|
|
|
|
ui_print " [1] baksmali services.odex"
|
|
|
|
call_dalvikvm \
|
|
-classpath "${BAKSMALI}" \
|
|
org.jf.baksmali.${MAIN} \
|
|
${DEODEX} \
|
|
${BOOTCLASSPATH} "/system/framework/${ARCH}/boot.oat" \
|
|
${CLASSPATHDIR} "/system/framework/${ARCH}" \
|
|
${CLASSPATHDIR} "/system/framework" \
|
|
-o "${BASEDIR}/services.jar-deodex" \
|
|
"${BASEDIR}/services.odex" || \
|
|
error "failed to deodex services.jar"
|
|
|
|
ui_print " [2] smali services.odex"
|
|
|
|
call_dalvikvm \
|
|
-classpath "${SMALI}" \
|
|
org.jf.smali.${MAIN} \
|
|
${ASSEMBLE} \
|
|
-o "${BASEDIR}/services.jar-deodex/classes.dex" \
|
|
"${BASEDIR}/services.jar-deodex" || \
|
|
error "failed to rebuild classes.dex"
|
|
|
|
${ZIPB} -j "${BASEDIR}/services.jar" \
|
|
"${BASEDIR}/services.jar-deodex"/classes*.dex || \
|
|
error "zip failed"
|
|
|
|
rm -rf "${BASEDIR}/services.jar-deodex"
|
|
}
|
|
|
|
patch_services () {
|
|
ui_print " "
|
|
ui_print " > patching signature spoofing support"
|
|
ui_print " "
|
|
|
|
cp /system/framework/services.jar \
|
|
${BASEDIR}/services.jar || \
|
|
error "failed to copy services.jar"
|
|
|
|
if [ "${ROM_DEX_STATUS}" = "VDEX" ]; then
|
|
deodex_vdex
|
|
elif [ "${ROM_DEX_STATUS}" = "ODEX" ]; then
|
|
deodex_odex
|
|
fi
|
|
|
|
mkdir -p "${BASEDIR}/services.jar-mod"
|
|
|
|
PATCHES="${PATCH_HOOK} ${PATCH_CORE}"
|
|
|
|
ui_print " >> patching services.jar"
|
|
|
|
call_dalvikvm \
|
|
-classpath "${BASEDIR}/dexpatcher.dex" \
|
|
lanchon.dexpatcher.Main \
|
|
${DEX_OPTS} --api-level "${SDK_VERSION}" \
|
|
--verbose --debug --output ${BASEDIR}/services.jar-mod \
|
|
${BASEDIR}/services.jar ${PATCHES} || \
|
|
error "failed to apply patches"
|
|
|
|
${ZIPB} -d "${BASEDIR}/services.jar" \
|
|
'classes*.dex' || \
|
|
error "zip failed"
|
|
|
|
${ZIPB} -j "${BASEDIR}/services.jar" \
|
|
"${BASEDIR}/services.jar-mod"/classes*.dex || \
|
|
error "zip failed"
|
|
}
|
|
|
|
backup_services_jar () {
|
|
ui_print " << backing up services.jar to: /data/media/0/nanodroid_backups"
|
|
services_name="services.jar_$(grep_prop ro.build.flavor)_$(grep_prop ro.build.id)"
|
|
|
|
mkdir -p /data/media/0/nanodroid_backups
|
|
cp /system/framework/services.jar "/data/media/0/nanodroid_backups/${services_name}" || \
|
|
error "failed to backup services.jar"
|
|
}
|
|
|
|
install_services () {
|
|
ui_print " "
|
|
for destination in /data/adb/modules/NanoDroid /data/adb/modules/NanoDroid_microG /; do
|
|
if [ -d ${destination} ]; then
|
|
install_path="${destination}"
|
|
break
|
|
fi
|
|
done
|
|
|
|
if [ "${install_path}" = "/" ]; then
|
|
mount -orw,remount /system || \
|
|
error "failed to mount /system read-write"
|
|
backup_services_jar
|
|
fi
|
|
|
|
ui_print " << installing patched files to: ${install_path}"
|
|
|
|
mkdir -p "${install_path}/system/framework"
|
|
cp ${BASEDIR}/services.jar "${install_path}/system/framework/" \
|
|
|| error "failed to install services.jar"
|
|
set_perm_data "${install_path}/system/framework/services.jar"
|
|
|
|
cp "${BASEDIR}/org.spoofing.apk" "${install_path}/system/framework/"
|
|
set_perm_data "${install_path}/system/framework/org.spoofing.apk"
|
|
|
|
touch /data/adb/NanoDroid_Patched
|
|
}
|
|
|
|
##########################################################################################
|
|
# addon.d
|
|
##########################################################################################
|
|
|
|
install_addond () {
|
|
ui_print " "
|
|
ui_print " Installing addon.d restoration setup"
|
|
|
|
rm -rf ${PATCHER_ADDOND_DATA}
|
|
mkdir -p ${PATCHER_ADDOND_DATA}
|
|
|
|
[ -d /data/nanomod.patcher ] && rm -rf /data/nanomod.patcher
|
|
[ -d /data/adb/nanomod_patcher ] && rm -rf /data/nanomod_patcher
|
|
rm -f /system/addon.d/75-nanomodpatcher.sh \
|
|
/system/addon.d/75-nanodroidpatcher.sh \
|
|
/system/addon.d/999-nanodroidpatcher.sh
|
|
|
|
for file in core_services.jar.dex dexpatcher.dex \
|
|
hook_4.1-6.0_services.jar.dex hook_7.0-9.0_services.jar.dex \
|
|
baksmali_23.dex baksmali_25.dex baksmali_26.dex \
|
|
smali_23.dex smali_25.dex smali_26.dex \
|
|
magic.mgc org.spoofing.apk; do
|
|
cp "${BASEDIR}/${file}" ${PATCHER_ADDOND_DATA}/
|
|
done
|
|
|
|
cp /dev/tmp/CommonPatcher ${PATCHER_ADDOND_DATA}/
|
|
|
|
for file in ${ZIPB} ${V_EX} ${BUSY} ${FILE}; do
|
|
cp ${file} ${PATCHER_ADDOND_DATA}/
|
|
chmod 0755 ${PATCHER_ADDOND_DATA}/$(basename "${file}")
|
|
done
|
|
|
|
mkdir -p /system/addon.d/
|
|
cp "${BASEDIR}/70-nanodroidpatcher.sh" /system/addon.d/
|
|
chmod 0755 /system/addon.d/70-nanodroidpatcher.sh
|
|
}
|
|
|