forked from laomocode/magiskonwsa
-
Notifications
You must be signed in to change notification settings - Fork 0
459 lines (404 loc) · 21 KB
/
magisk.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
name: Build WSA
on:
push:
pull_request:
workflow_dispatch:
inputs:
magisk_apk:
description: "Download link to magisk apk."
required: true
default: "https://raw.githubusercontent.com/topjohnwu/magisk-files/canary/app-debug.apk"
gapps_variant:
description: "Variants of gapps. Should be: [none, aroma, super, stock, full, mini, micro, nano, pico, tvstock, tvmini]"
required: false
default: "none"
root_sol:
description: "Root soluction. Should be: [magisk, none]"
required: true
default: "magisk"
jobs:
build:
runs-on: ubuntu-20.04
strategy:
matrix:
arch: [x64]
steps:
- name: Dependencies
run: |
pip3 install beautifulsoup4 lxml
sudo apt-get update && sudo apt-get install setools lzip
- name: Download WSA
shell: python
run: |
import requests
from bs4 import BeautifulSoup
import re
import zipfile
import os
import urllib.request
res = requests.post("https://store.rg-adguard.net/api/GetFiles", "type=CategoryId&url=858014f3-3934-4abe-8078-4aa193e74ca8&ring=WIS&lang=en-US", headers={
"content-type": "application/x-www-form-urlencoded"
})
html = BeautifulSoup(res.content, "lxml")
a = html.find("a", string=re.compile("MicrosoftCorporationII\.WindowsSubsystemForAndroid_.*\.msixbundle"))
link = a["href"]
print(f"downloading link: {link}", flush=True)
out_file = "wsa.zip"
arch = "${{ matrix.arch }}"
if not os.path.isfile(out_file):
urllib.request.urlretrieve(link, out_file)
zip_name = ""
with zipfile.ZipFile(out_file) as zip:
for f in zip.filelist:
if arch in f.filename.lower():
zip_name = f.filename
if not os.path.isfile(zip_name):
print(f"unzipping to {zip_name}", flush=True)
zip.extract(f)
ver_no = zip_name.split("_")
ver = ver_no[1]
with open(os.environ['GITHUB_ENV'], 'a') as f:
f.write(f'WSA_VER={ver}\n')
rel = ver_no[3].split(".")
rell = str(rel[0])
with open(os.environ['GITHUB_ENV'], 'a') as f:
f.write(f'WSA_REL={rell}\n')
break
with zipfile.ZipFile(zip_name) as zip:
if not os.path.isdir(arch):
print(f"unzipping from {zip_name}", flush=True)
zip.extractall(arch)
print("done", flush=True)
- name: Download Magisk
shell: python
run: |
import urllib.request
import zipfile
import os
magisk_apk = """${{ github.event.inputs.magisk_apk }}"""
if not magisk_apk:
magisk_apk = """https://raw.githubusercontent.com/topjohnwu/magisk-files/canary/app-debug.apk"""
out_file = "magisk.zip"
arch = "${{ matrix.arch }}"
abi_map={"x64" : ["x86_64", "x86"], "arm64" : ["arm64-v8a", "armeabi-v7a"]}
if not os.path.isfile(out_file):
urllib.request.urlretrieve(magisk_apk, out_file)
def extract_as(zip, name, as_name, dir):
info = zip.getinfo(name)
info.filename = as_name
zip.extract(info, dir)
with zipfile.ZipFile(out_file) as zip:
extract_as(zip, f"lib/{ abi_map[arch][0] }/libmagisk64.so", "magisk64", "magisk")
extract_as(zip, f"lib/{ abi_map[arch][1] }/libmagisk32.so", "magisk32", "magisk")
extract_as(zip, f"lib/{ abi_map[arch][0] }/libmagiskinit.so", "magiskinit", "magisk")
extract_as(zip, f"lib/{ abi_map['x64'][0] }/libmagiskinit.so", "magiskpolicy", "magisk")
- name: Download OpenGApps
if: ${{ github.event.inputs.gapps_variant != 'none' && github.event.inputs.gapps_variant != '' }}
shell: python
run: |
import requests
import zipfile
import os
import urllib.request
import json
arch = "${{ matrix.arch }}"
variant = "${{ github.event.inputs.gapps_variant }}"
abi_map = {"x64" : "x86_64", "arm64": "arm64"}
res = requests.get(f"https://api.opengapps.org/list")
j = json.loads(res.content)
link = {i["name"]: i for i in j["archs"][abi_map[arch]]["apis"]["11.0"]["variants"]}[variant]["zip"]
print(f"downloading link: {link}", flush=True)
out_file = "gapps.zip"
if not os.path.isfile(out_file):
urllib.request.urlretrieve(link, out_file)
print("done", flush=True)
- name: Extract GApps and expand images
if: ${{ github.event.inputs.gapps_variant != 'none' && github.event.inputs.gapps_variant != '' }}
run: |
mkdir gapps
unzip -p gapps.zip {Core,GApps}/'*.lz' | tar --lzip -C gapps -xvf - -i --strip-components=2 --exclude='setupwizardtablet-x86_64' --exclude='packageinstallergoogle-all' --exclude='speech-common' --exclude='markup-lib-arm' --exclude='markup-lib-arm64' --exclude='markup-all' --exclude='setupwizarddefault-x86_64' --exclude='pixellauncher-all' --exclude='pixellauncher-common'
e2fsck -yf ${{ matrix.arch }}/system.img
resize2fs ${{ matrix.arch }}/system.img $(( $(du -sB512 gapps | cut -f1) + $(du -sB512 ${{ matrix.arch }}/system.img | cut -f1) ))s
e2fsck -yf ${{ matrix.arch }}/product.img
resize2fs ${{ matrix.arch }}/product.img 1024M
e2fsck -yf ${{ matrix.arch }}/system_ext.img
resize2fs ${{ matrix.arch }}/system_ext.img 108M
- name: Expand vendor
run: |
e2fsck -yf ${{ matrix.arch }}/vendor.img
resize2fs ${{ matrix.arch }}/vendor.img 320M
- name: Mount images
run: |
sudo mkdir system
sudo mount -o loop ${{ matrix.arch }}/system.img system
sudo mount -o loop ${{ matrix.arch }}/vendor.img system/vendor
sudo mount -o loop ${{ matrix.arch }}/product.img system/product
sudo mount -o loop ${{ matrix.arch }}/system_ext.img system/system_ext
- name: Integrate Magisk
if: ${{ github.event.inputs.root_sol == 'magisk' || github.event.inputs.root_sol == '' }}
run: |
cp magisk.zip ${{ matrix.arch }}/Magisk.apk
sudo mkdir system/sbin
sudo chcon --reference system/init.environ.rc system/sbin
sudo chown root:root system/sbin
sudo chmod 0700 system/sbin
sudo cp magisk/* system/sbin/
sudo tee -a system/sbin/loadpolicy.sh <<EOF
#!/system/bin/sh
for module in $(ls /data/adb/modules); do
if ! [ -f "/data/adb/modules/$module/disable" ] && [ -f "/data/adb/modules/$module/sepolicy.rule" ]; then
/sbin/magiskpolicy --live --apply "/data/adb/modules/$module/sepolicy.rule"
fi
done
EOF
sudo find system/sbin -type f -exec chmod 0755 {} \;
sudo find system/sbin -type f -exec chown root:root {} \;
sudo find system/sbin -type f -exec chcon --reference system/product {} \;
chmod +x magisk/magiskpolicy
echo '/dev/wsa-magisk(/.*)? u:object_r:magisk_file:s0' | sudo tee -a system/vendor/etc/selinux/vendor_file_contexts
sudo ./magisk/magiskpolicy --load system/vendor/etc/selinux/precompiled_sepolicy --save system/vendor/etc/selinux/precompiled_sepolicy --magisk "allow * magisk_file lnk_file *"
sudo tee -a system/system/etc/init/hw/init.rc <<EOF
on post-fs-data
start logd
start adbd
mkdir /dev/wsa-magisk
mount tmpfs tmpfs /dev/wsa-magisk mode=0755
copy /sbin/magisk64 /dev/wsa-magisk/magisk64
chmod 0755 /dev/wsa-magisk/magisk64
symlink ./magisk64 /dev/wsa-magisk/magisk
symlink ./magisk64 /dev/wsa-magisk/su
symlink ./magisk64 /dev/wsa-magisk/resetprop
copy /sbin/magisk32 /dev/wsa-magisk/magisk32
chmod 0755 /dev/wsa-magisk/magisk32
copy /sbin/magiskinit /dev/wsa-magisk/magiskinit
chmod 0755 /dev/wsa-magisk/magiskinit
symlink ./magiskinit /dev/wsa-magisk/magiskpolicy
mkdir /dev/wsa-magisk/.magisk 700
mkdir /dev/wsa-magisk/.magisk/mirror 700
mkdir /dev/wsa-magisk/.magisk/block 700
rm /dev/.magisk_unblock
start IhhslLhHYfse
start FAhW7H9G5sf
wait /dev/.magisk_unblock 40
rm /dev/.magisk_unblock
service IhhslLhHYfse /system/bin/sh /sbin/loadpolicy.sh
user root
seclabel u:r:magisk:s0
oneshot
service FAhW7H9G5sf /dev/wsa-magisk/magisk --post-fs-data
user root
seclabel u:r:magisk:s0
oneshot
service HLiFsR1HtIXVN6 /dev/wsa-magisk/magisk --service
class late_start
user root
seclabel u:r:magisk:s0
oneshot
on property:sys.boot_completed=1
start YqCTLTppv3ML
service YqCTLTppv3ML /dev/wsa-magisk/magisk --boot-complete
user root
seclabel u:r:magisk:s0
oneshot
EOF
- name: Fix External Storage
run: |
wget -qO- "$GITHUB_SERVER_URL/$GITHUB_REPOSITORY/archive/$GITHUB_REF.tar.gz" | sudo tar --wildcards -zxvf- --strip-component=2 '*/x64/system/*'
sudo find system/system/priv-app -type d -exec chmod 0755 {} \;
sudo find system/system/priv-app -type f -exec chmod 0644 {} \;
sudo find system/system/priv-app -type d -exec chcon --reference=system/system/priv-app {} \;
- name: Integrate GApps
if: ${{ github.event.inputs.gapps_variant != 'none' && github.event.inputs.gapps_variant != '' }}
run: |
wget -qO- "$GITHUB_SERVER_URL/$GITHUB_REPOSITORY/archive/$GITHUB_REF.tar.gz" | sudo tar --wildcards -zxvf- --strip-component=2 '*/x64/gapps/*'
shopt -s extglob
sudo cp -vr gapps/!(product) system/system
sudo cp -vr gapps/product/* system/product/
sudo find system/system/{app,etc,framework,priv-app} -exec chown root:root {} \;
sudo find system/product/{app,etc,overlay,priv-app} -exec chown root:root {} \;
sudo find system/system/{app,etc,framework,priv-app} -type d -exec chmod 0755 {} \;
sudo find system/product/{app,etc,overlay,priv-app} -type d -exec chmod 0755 {} \;
sudo find system/system/{app,framework,priv-app} -type f -exec chmod 0644 {} \;
ls gapps/etc/ | xargs -n 1 -I dir sudo find system/system/etc/dir -type f -exec chmod 0644 {} \;
sudo find system/product/{app,etc,overlay,priv-app} -type f -exec chmod 0644 {} \;
sudo find system/system/{app,framework,priv-app} -type d -exec chcon --reference=system/system/app {} \;
sudo find system/product/{app,etc,overlay,priv-app} -type d -exec chcon --reference=system/product/app {} \;
ls gapps/etc/ | xargs -n 1 -I dir sudo find system/system/etc/dir -type d -exec chcon --reference=system/system/etc/permissions {} \;
sudo find system/system/{app,framework,priv-app} -type f -exec chcon --reference=system/system/framework/ext.jar {} \;
ls gapps/etc/ | xargs -n 1 -I dir sudo find system/system/etc/dir -type f -exec chcon --reference=system/system/etc/permissions {} \;
sudo find system/product/{app,etc,overlay,priv-app} -type f -exec chcon --reference=system/product/etc/permissions/privapp-permissions-venezia.xml {} \;
chmod +x ./magisk/magiskpolicy
sudo ./magisk/magiskpolicy --load system/vendor/etc/selinux/precompiled_sepolicy --save system/vendor/etc/selinux/precompiled_sepolicy "allow gmscore_app gmscore_app vsock_socket { create connect write read }" "allow gmscore_app device_config_runtime_native_boot_prop file read" "allow gmscore_app system_server_tmpfs dir search" "allow gmscore_app system_server_tmpfs file open"
- name: Fix GApps prop
if: ${{ github.event.inputs.gapps_variant != 'none' && github.event.inputs.gapps_variant != '' }}
shell: sudo python {0}
run: |
from __future__ import annotations
from io import TextIOWrapper
from os import system
from typing import OrderedDict
class Prop(OrderedDict):
def __init__(self, file: TextIOWrapper) -> None:
super().__init__()
for i, line in enumerate(file.read().splitlines(False)):
if '=' in line:
k, v = line.split('=', 2)
self[k] = v
else:
self[f".{i}"] = line
def __str__(self) -> str:
return '\n'.join([v if k.startswith('.') else f"{k}={v}" for k, v in self.items()])
def __iadd__(self, other: str) -> Prop:
self[f".{len(self)}"] = other
return self
new_props = {
("product", "brand"): "google",
("product", "manufacturer"): "Google",
("build", "product"): "redfin",
("product", "name"): "redfin",
("product", "device"): "redfin",
("product", "model"): "Pixel 5",
("build", "flavor"): "redfin-user"
}
def description(sec: str, p: Prop) -> str:
return f"{p[f'ro.{sec}.build.flavor']} {p[f'ro.{sec}.build.version.release_or_codename']} {p[f'ro.{sec}.build.id']} {p[f'ro.{sec}.build.version.incremental']} {p[f'ro.{sec}.build.tags']}"
def fingerprint(sec: str, p: Prop) -> str:
return f"""{p[f"ro.product.{sec}.brand"]}/{p[f"ro.product.{sec}.name"]}/{p[f"ro.product.{sec}.device"]}:{p[f"ro.{sec}.build.version.release"]}/{p[f"ro.{sec}.build.id"]}/{p[f"ro.{sec}.build.version.incremental"]}:{p[f"ro.{sec}.build.type"]}/{p[f"ro.{sec}.build.tags"]}"""
def fix_prop(sec, prop):
print(f"fixing {prop}", flush=True)
with open(prop, 'r') as f:
p = Prop(f)
p += "# extra prop added by MagiskOnWSA"
for k, v in new_props.items():
p[f"ro.{k[0]}.{k[1]}"] = v
if k[0] == "build":
p[f"ro.{sec}.{k[0]}.{k[1]}"] = v
elif k[0] == "product":
p[f"ro.{k[0]}.{sec}.{k[1]}"] = v
p["ro.build.description"] = description(sec, p)
p[f"ro.build.fingerprint"] = fingerprint(sec, p)
p[f"ro.{sec}.build.description"] = description(sec, p)
p[f"ro.{sec}.build.fingerprint"] = fingerprint(sec, p)
p[f"ro.bootimage.build.fingerprint"] = fingerprint(sec, p)
with open(prop, 'w') as f:
f.write(str(p))
for sec, prop in {"system": "system/system/build.prop", "product": "system/product/build.prop", "system_ext": "system/system_ext/build.prop", "vendor": "system/vendor/build.prop", "odm": "system/vendor/odm/etc/build.prop"}.items():
fix_prop(sec, prop)
- name: Umount images
run: |
sudo umount system/vendor
sudo umount system/product
sudo umount system/system_ext
sudo umount system
- name: Shrink images
run: |
e2fsck -yf ${{ matrix.arch }}/system.img
resize2fs -M ${{ matrix.arch }}/system.img
e2fsck -yf ${{ matrix.arch }}/vendor.img
resize2fs -M ${{ matrix.arch }}/vendor.img
e2fsck -yf ${{ matrix.arch }}/product.img
resize2fs -M ${{ matrix.arch }}/product.img
e2fsck -yf ${{ matrix.arch }}/system_ext.img
resize2fs -M ${{ matrix.arch }}/system_ext.img
- name: add ADB
if: ${{ github.event.inputs.root_sol == 'magisk' || github.event.inputs.root_sol == '' }}
run: |
wget https://dl.google.com/android/repository/platform-tools-latest-windows.zip -Oadb.zip
unzip adb.zip platform-tools/?db*
cp platform-tools/?db* ${{ matrix.arch }}/.
rm -r platform-tools
rm adb.zip
- name: Remove signature and add scripts
run: |
rm -rf ${{ matrix.arch }}/\[Content_Types\].xml ${{ matrix.arch }}/AppxBlockMap.xml ${{ matrix.arch }}/AppxSignature.p7x ${{ matrix.arch }}/AppxMetadata
tee ${{ matrix.arch }}/Install.ps1 <<EOF
# Automated Install script by Mioki
# http://github.com/okibcn
function Test-Administrator
{
[OutputType([bool])]
param()
process {
[Security.Principal.WindowsPrincipal]\$user = [Security.Principal.WindowsIdentity]::GetCurrent();
return \$user.IsInRole([Security.Principal.WindowsBuiltinRole]::Administrator);
}
}
if(-not (Test-Administrator))
{
Start-Process -Verb RunAs powershell.exe -Args "-executionpolicy bypass -command Set-Location \`"\$PSScriptRoot\`"; \`"\$PSCommandPath\`""
exit
}
\$ErrorActionPreference = "Stop"
reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModelUnlock" /t REG_DWORD /f /v "AllowDevelopmentWithoutDevLicense" /d "1"
Add-AppxPackage -Register .\AppxManifest.xml
if (Test-Path "./Magisk.apk") {
Write-Output "Magisk detected, installing..."
\$i = 20
do{
start-sleep -s 0.5
\$i--
}until( (\$i -eq 0) -or ((get-process).Name -contains "wsaclient") )
if ((get-process).Name -contains "wsaclient") {
Stop-Process -Name WsaClient
}
\$regHive = "\$env:LOCALAPPDATA/Packages/MicrosoftCorporationII.WindowsSubsystemForAndroid_8wekyb3d8bbwe/Settings/settings.dat"
\$regMountPoint = "HKLM\WSA"
Write-Output "Mounting WSA registry hive"
reg load \$regMountPoint \$regHive
\$develbit = "1"
\$reg = "Windows Registry Editor Version 5.00\`n\`n"
\$reg += "[HKEY_LOCAL_MACHINE\WSA]\`n\`n"
\$reg += "[HKEY_LOCAL_MACHINE\WSA\LocalState]\`n"
\$reg += "\`"DeveloperModeEnabled\`"=hex(5f5e10b):0"+ \$develbit + ",07,b9,6f,f3,d3,dc,d7,01\`n"
\$reg += "\`"OptionalDiagnosticDataEnabled\`"=hex(5f5e10b):00,dc,38,ba,75,ec,dc,d7,01\`n"
\$reg | Out-File "./wsa.reg"
Write-Output "Patching WSA registry..."
reg import "./wsa.reg"
rm -force wsa*.reg
[gc]::collect()
start-sleep -s 3
Write-Output "Unmounting patched WSA registry hive."
reg unload \$regMountPoint
Write-Output "starting an App to force the creation of the rw sdcard"
start-process "\$env:LOCALAPPDATA/Microsoft/WindowsApps/MicrosoftCorporationII.WindowsSubsystemForAndroid_8wekyb3d8bbwe/WsaClient.exe" -Args "/launch wsa://com.amazon.venezia"
Write-Output "Waiting for the Android system to boot for the first time..."
./adb kill-server
do{}until((./adb connect localhost:58526).Contains("connected"))
do{
\$output=(./adb devices)
foreach(\$line in \$output){
if(\$line.Contains("localhost")){
\$connection=\$line
}
}
}until(\$connection.Contains("device"))
Write-Output "WSA loaded and Developer mode is ON."
do{start-sleep -s 0.5}until(./adb shell "ps -d | grep 'com.amazon.venezia'")
./adb shell am force-stop com.amazon.venezia
Write-Output "Installing Magisk App..."
./adb install Magisk.apk
./adb shell monkey -p com.topjohnwu.magisk -c android.intent.category.LAUNCHER 1
}
EOF
- name: Generate artifact name
run: |
variant="${{ github.event.inputs.gapps_variant }}"
root="${{ github.event.inputs.root_sol }}"
if [[ "$root" = "none" ]]; then
name1=""
elif [[ "$root" = "" ]]; then
name1="-with-magisk"
else
name1="-with-${root}"
fi
if [[ "$variant" = "none" || "$variant" = "" ]]; then
name2="-NoGApps"
else
name2="-GApps-${variant}"
fi
echo "artifact_name=WSA${name1}${name2}_${{ env.WSA_VER }}_${{ matrix.arch }}_${{ env.WSA_REL }}" >> $GITHUB_ENV
- name: Upload WSA
uses: actions/upload-artifact@v2
with:
name: ${{ env.artifact_name }}
path: "./${{ matrix.arch }}/*"