How to root secondary rom ? #16
Open
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
* Magisk loop mounts the /system by parsing /proc/mounts to get the partition information: https://goo.gl/9PBEHo In MultiROM this has two problems: (1) the /system partition is a bind mount and therefore would fail the mount command and (2) the partition that is listed in /proc/mounts would be the real block device which is just the userdata partition (/dev/block/mmcblk0pNN). * To workaround this we create an img file (for system only) and use loop mount instead of bind mount. * During boot the the fake system img will get loop mounted to /multirom/dev/system which will properly show up in /proc/mounts and being a loop mount will properly work with mount(). * Note: In order to avoid more interference with the existing loop devices, we now create our own loop devices at a higher range (MULTIROM_LOOP_NUM_START). * The accompanying change in MultiROM-TWRP is needed to be able to flash 'System Partition Mode' ROMs.
* libcryptfslollipop.so is dependent on libstdc++.so * For qcom hardware encryption libcrypfs_hw.so and its other libs (libunwind.so libbase.so libbacktrace.so libutils.so libcryptfs_hw.so) are needed
* It's easier to relink trampoline_encmnt and qseecomd to use /mrom_enc/linker[64] instead of symlinking it in /system. * This needs to be done after all the copies and other scripts have run and the files are in the final output dir $(MULTIROM_INST_DIR)/multirom/enc/.
* Android 8 uses plat_file_contexts and nonplat_file_contexts * Android 8 also uses 'restorecon --recursive --skip-ce /data'
* Use a separate .c file for the 'inject_file_contexts()' function which will handle both text and binary format file_contexts. * Only rely on the 'multirom_exclusion_path' string array to add the needed exclusions. This will become useful once the multirom directory changes. * This also allows us to use the same file for exclusions in TWRP.
* sdcardfs (re)sets uid+gid+mode on /data/media and it's subdirectories to media_rw:media_rw or to the appropriate settings for a per app directory. Refer to https://goo.gl/frxVpi for more details. * This will effectively break all secondary ROMs since they are stored in /data/media/0/multirom. * To block this from happening move multirom to a subdirectory within a 'container' directory in /data/media/0 and set this 'container' directory to be immutable. Doing so will result in /data/media/0/MultiROM not being affected by any changes (nor can it be manipulated), it's subdirectories however '/data/media/0/MultiROM/multirom/...' can be used normally. * The directory is set immutable during MultiROM installation, in trampoline, as well as MultiROM-TWRP to avoid potential problems if someone decides to flash a ROM/kernel with the sdcardfs issue to primary without injection or using normal TWRP. This would break any secondaries currently existing in Internal Storage. * However, setting/keeping the container immutable will interfere with 'Wipe Internal Storage' in MultiROM-TWRP, as well as regular TWRP, though maybe that is a good thing. TODO: set -i during 'Wipe Internal Storage' and/or add a new 'Wipe MultiROM' option in MultiROM-TWRP. Other options that were considered and tested successfully: (1) Use /data/multirom Move multirom to /data/multirom (don't forget to adjust TWRP to exclude /data/multirom from wipe and backups, as well as take into account that some installers will actually wipe data excluding media as part of their installation). This was my initial attempt, but was reconsidered due to the current change being effective, while minimizing code changes and maintaining the current directory in Internal Storage. At some point it may need to be reconsidered if this would make the most sense. Perhaps once we see devices with FBE this may become the most logical step. (2) Use .img files Similar to System Partition Mode, use .img files and loop mount them during boot. Since the secondary ROMs directories become actual files in /data/media/[0/]multirom/roms... these are unaffected by any change to /data/media/... The problem is that the data partition will become constrained and/or susceptible to 'overflow' crashes both while booted and in TWRP, since the actual free space is not properly reflected since it will show the free space within the .img file as opposed to the device's free space. (3) Use one of the already excluded 'names' 'autorun.inf', '.android_secure' and 'android_secure' are excluded by default from uid/gid derivation, and are hardcoded here https://goo.gl/dRQpYn so renaming /data/media/0/multirom to /data/media/0/autorun.inf (for example) will not let sdcardfs perform a chown on it and it's subdirectories. Not very intuitive though to have something called 'autorun.inf' in the root directory of Internal Storage which in fact is multirom. (Even if there's a multirom symlink to it, and the symlink will be affected by the uid/gid derivation)
* Doesn't affect the code execution, it's only needed to make future changes (the addition of trampoline511) easier.
* If /firmware exists in the bootimage, keep its content by renaming it during the encrypted work and restoring it after the decrypt process. * This is evident on the HTC U11, where if the /firmware directory is not present during boot (due to it's deletion in encryption.c) all the firmware files are not mounted at all since the /firmware directory is not created in the .rc files.
* Fixes 'Advanced Kernel Logging'. * Set permissions and ownership on the directory and files to make them world visible. * Change multirom_log and icon files to also use datamedia_dir.
Some devices have a permanent /vendor symlink to /system/vendor in ramdisk. As during multirom bootup neither system nor vendor partition is mounted, so /vendor points to a non-existent target. Running access() on this symlink results in error with NOENT (no such file or directory) as it tries to dereference the target of symlink. Thus, the symlinking of /mrom_enc/vendor to /vendor also fails since the link with same name already exists. Fix this by using lstat() which reports the existence of symlink (broken or working) and real file properly.
Some devices have certain drivers which probe and request for a firmware before multirom has symlinked /mrom_enc/vendor. Add a new flag to allow users to specify manual scan directories where users can put their own needed firmwares.
Mount system and/or vendor partition from dtb. Scan for fstab in vendor as well. Modify the fstab using bind mounts. Mark the dtb partitions as disabled in procfs to prevent fs_mgr from mounting it. Also inject file_contexts in system partition using bind mounting. Tested working AOSP GSI rom on Redmi Note 5 pro running oreo as primary rom. Retains compatibility with pre-oreo roms.
As recommended by google
The one in libcutils is crashing the kernel for some reason
Android P doesnt allow all dtb partitions to be disabled. So, now we make the partitions undetectable.
Devices which want to use it can setup a socket named "/property_socket" and poll for their desired property
Makes magisk flashing a breeze
Set MR_FIRMWARE_DIR in BoardConfig. Set to /firmware by default
Patch secondary ROM bootimg and build.prop systemless-ly to allow secondary ROM to boot even when it is using older android version and/or security patch with encryption enabled.
* System as root support * Android Q support * Support selinux * Support booting into second rom without a second reboot
Patch borrowed from magisk
Since File based encryption keys can't be added more than once per boot, we reboot the device after initial decryption and set multirom to skip the boot menu (just like what happens with secondary ROMs) for primary ROM as well. This will happen only on devices using FBE. Existing devices will continue seeing the current behaviour
I can't believe I have to do this
This library used LD_PRELOAD injection to redirect logcat symbols to kernel logger since logcat is not available during early boot. Very useful while debugging.
FBE devices leave this directory unencrypted and this saves us a lot of hassle of decrypting and rebooting the phone
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
I tried magisk 20.0 but it was not working please tell me how to root the secondary rom