diff --git a/META-INF/com/google/android/update-binary b/META-INF/com/google/android/update-binary index ea4889e..28b48e5 100755 --- a/META-INF/com/google/android/update-binary +++ b/META-INF/com/google/android/update-binary @@ -30,4 +30,4 @@ mount /data 2>/dev/null [ $MAGISK_VER_CODE -lt 20400 ] && require_new_magisk install_module -exit 0 \ No newline at end of file +exit 0 diff --git a/README.md b/README.md index 16adcaa..5f8b2ad 100644 --- a/README.md +++ b/README.md @@ -79,6 +79,7 @@ Keep in mind that this module cannot help you pass CTS if your device uses hardw - [Props don't seem to set properly](https://github.com/Magisk-Modules-Repo/MagiskHide-Props-Config/blob/master/README.md#props-dont-seem-to-set-properly) - [My build.prop doesn't change after using the module](https://github.com/Magisk-Modules-Repo/MagiskHidePropsConf/blob/master/README.md#my-buildprop-doesnt-change-after-using-the-module) - [My device's Android security patch date changed](https://github.com/Magisk-Modules-Repo/MagiskHidePropsConf/blob/master/README.md#my-devices-android-security-patch-date-changed) + - [My device's model has changed](https://github.com/Magisk-Modules-Repo/MagiskHidePropsConf/blob/master/README.md#my-devices-model-has-changed) - [The Play Store is broken](https://github.com/Magisk-Modules-Repo/MagiskHidePropsConf/blob/master/README.md#the-play-store-is-broken) - [The interface looks weird](https://github.com/Magisk-Modules-Repo/MagiskHidePropsConf/blob/master/README.md#the-interface-looks-weird) - [Boot takes a lot longer after setting props](https://github.com/Magisk-Modules-Repo/MagiskHidePropsConf/blob/master/README.md#boot-takes-a-lot-longer-after-setting-props) @@ -148,7 +149,7 @@ The settings option (-s) can be used even if the module boot scripts did not run ## What option should I use? ### Not passing SafetyNet -If you can't pass the CTS profile check of the SafetyNet check there are two features of the module that have the potential to help. +If you can't pass the CTS profile check of the SafetyNet check there are a few things that you might have to do. If you are using a custom ROM (or have a stock ROM on a device that isn't certified by Google) you most likely need to change the device fingerprint to one that has been Google certified. Use the "[Edit device fingerprint"](https://github.com/Magisk-Modules-Repo/MagiskHide-Props-Config/blob/master/README.md#spoofing-devices-fingerprint-to-pass-the-ctsprofile-check) feature. @@ -271,7 +272,7 @@ Just run the `props` command and the list will be updated automatically. Use the If you already have a device fingerprint set by the module, and it has been updated in the current fingerprints list, it will be automatically updated when the prints list gets an update. Just reboot to apply. This function can be turned of in the script settings (see ["Prop script settings"](https://github.com/Magisk-Modules-Repo/MagiskHide-Props-Config#prop-script-settings) below) -**_Current fingerprints list version - v131_** +**_Current fingerprints list version - v132_** ## Please add support for device X @@ -289,11 +290,27 @@ You can enter the fingerprint manually in the `Edit device fingerprint` menu in ## Force BASIC key attestation -Google now enforces the use of hardware backed key attestation on devices that has the necessary hardware (all devices that shipped with Android 8+ and even some older devices). Up until mid January 2021 you could work around this by changing the model props to something other than the actual device. No more... +Google now enforces the use of hardware backed key attestation on devices that has the necessary hardware (all devices that shipped with Android 8+ and even some older devices). Up until mid January 2021 you could work around this by changing the model props to something other than the actual device. This might still be necessary, and can be done with this feature of the module, but you most likely also need to trick keystore further than that. -There is a fix though. @kdrag0n over on XDA Developers have a Magsk module that will trick keystore into thinking that the hardware isn't available and this will then force basic attestation. You can find that module together with details on how it works here: +@kdrag0n over on XDA Developers have a Magsk module that will trick keystore into thinking that the hardware isn't available and this will then force basic attestation. You can find that module together with details on how it works here: https://forum.xda-developers.com/t/magisk-module-universal-safetynet-fix-1-1-0.4217823/ +These two things in combination might be required to pass CTS. + +If you aren't successful in passing CTS by changing the model, you could try using the Xposed (although it is recommended to use LSPosed if you want to have the best chance of passing SafetyNet) module XprivacyLua and restrict Google Play Services. Instructions on how to install LSPosed and XprivacyLua and how to use that module can be found with a simple web search, I won't cover that here. + +This feature of the module has nothing to do with the device fingerprint, but uses the included fingerprints list to find the necessary value to use for the `ro.product.model` prop (and related props). + +As long as Google doesn't roll out hardware based key attestation universally, it seems like we can fool SafetyNet into using the basic attestation by changing the `ro.product.model` prop (to pass the CTS profile check even with an unlocked bootloader). The module scripts will also alter related partition specific props (odm, product, system, vendor and system_ext) to match, if they are available. Thank you to @Displax over at XDA for finding this: https://forum.xda-developers.com/showpost.php?p=83028387&postcount=40658 + +The prefered method is to pick a device manually from the list of devices (based on the module fingerprints list) or set your own custom value. Do NOT pick your own device, instead try a device that is as close to your actual device as possible. The closer it is to your actual device the less is the likelyhood that things will stop working as a result of the model prop change. + +It is also possible to use a custom value, if that's what you prefer. + +If a device isn't picked from the list or a custom value entered, this feature will by default use an old devices model prop value, based on your device or currently set fingerprint, to make sure that it is recognised as a device without the necessary hardware (picked from the available devices in the module fingerprints list). Using an actual model value from an old device may also help with keeping OEM specific features working (like the Samsung Galaxy Store). If device/OEM specific features still doesn't work after activating this option, or your device is otherwise behaving strangely, try picking a device manually from the included list (see below). If no model prop value from an old enough device is available, the value from `ro.product.device` will be used instead. + +Note that using the [Device simulation](https://github.com/Magisk-Modules-Repo/MagiskHidePropsConf/blob/master/README.md#device-simulation) feature to simulate `ro.product.model` (and related props) will be disabled when this feature is enabled (all other simiulation props will still work though). It is also worth noting that using the [Device simulation](https://github.com/Magisk-Modules-Repo/MagiskHidePropsConf/blob/master/README.md#device-simulation) feature to change ro.product.model will also force a basic key attestation. + ## Device simulation **_NOTE! This feature is not generally needed to pass SafetyNet's CTS profile test and may even cause issues. Only enable it if you actually need it!_** @@ -308,7 +325,7 @@ If you want to simulate a specific device (to get access to device specific apps - ro.build.display.id - ro.build.version.sdk - ro.product.manufacturer -- ro.product.model +- ro.product.model (disabled if [Force BASIC key attestation](https://github.com/Magisk-Modules-Repo/MagiskHidePropsConf/blob/master/README.md#force-basic-key-attestation) is enabled) By default all props are disabled when this option is activated, but it is possible to activate or deactivate each prop individually or all of them at once. It is also possible to activate several props simultaneously by choosing the corresponding numbers in the menu list and entering them separated by a comma. Example: If I would like to activate ro.product.name, ro.product.device and ro.product.manufacturer I would enter __"2,3,9"__. @@ -319,26 +336,42 @@ Whenever a fingerprint is set by the module, the `ro.build.description` prop wil ## Set/reset MagiskHide Sensitive props -By default, if MagiskHide detects certain sensitive prop values they will be changed to known safe values. Some of these that this feature can change are: -- ro.debuggable (set to "0" by MagiskHide - sensitive value is "1") -- ro.secure (set to "1" by MagiskHide - sensitive value is "0") -- ro.build.type (set to "user" by MagiskHide - sensitive value is "userdebug") -- ro.build.tags (set to "release-keys" by MagiskHide - sensitive value is "test-keys" or "dev-keys") -- ro.bootmode (set to "unknown" by MagiskHide - sensitive value is "recovery") -- ro.boot.mode (set to "unknown" by MagiskHide - sensitive value is "recovery") -- ro.build.selinux (set to "0" by MagiskHide - sensitive value is "1") - -There are other props set by MagiskHide, but they are mainly used for finding the bootloader state and not needed here. - -From Magisk Canary build 20412 ro.build.selinux is no longer changed by MagiskHide, since different root checking libraries look for different sensitive values (someone made a thought boo-boo somewhere). From Canary build 20412 the prop is simply removed. - -If, for some reason, you need one or more of these to be kept as their original value (one example would be resetting ro.build.type to userdebug since some ROMs need this to work properly), you can reset to the original value with this module. Keep in mind that this might trigger some apps looking for these prop values as a sign of your device being rooted. - -It is possible to change or reset each prop individually or all of them at once. It is also possible to change several props simultaneously by choosing the corresponding numbers in the menu list and entering them separated by a comma. +Up to and including Magisk v23 MagiskHide changes some sensitive props to "safe" values that won't trigger apps that might be looking for them as a sign of your device being tampered with (root). + +This feature is enabled by default and will automatically change any triggering values it finds to "safe" values. + +The props in question are: +- ro.debuggable +- ro.secure +- ro.build.type +- ro.build.tags +- ro.boot.vbmeta.device_state +- ro.boot.verifiedbootstate +- ro.boot.flash.locked +- ro.boot.veritymode +- ro.boot.warranty_bit +- ro.warranty_bit +- ro.vendor.boot.warranty_bit +- ro.vendor.warranty_bit +- vendor.boot.vbmeta.device_state + +There are a few props that will only change if a triggering value is detected, and these are: +- ro.bootmode +- ro.boot.mode +- vendor.boot.mode +- ro.boot.hwc +- ro.boot.hwcountry + +And lastly there are props that will only change in the late_start service boot stage. These are: +- vendor.boot.verifiedbootstate + +ro.build.selinux used to be changed by MagiskHide, but since some root detectors has a broken implementation of detecting this prop it is simply removed instead of changed (MagiskHide did this since Magisk build 20412). + +If, for some reason, you need one or more of these to be kept as their original value (one example would be resetting ro.build.type to userdebug since some ROMs need this to work properly), you can reset to the original value by simply disabling this prop in the module. Keep in mind that this might trigger some apps looking for these prop values as a sign of your device being rooted. If you want to further customise the prop in question you can use the ["Add/edit custom props"](https://github.com/Magisk-Modules-Repo/MagiskHide-Props-Config/blob/master/README.md#changeset-custom-prop-values) feature. + +It is possible to change or reset each prop individually or all of them at once. It is also possible to change several props simultaneously by choosing the corresponding numbers in the menu list and entering them separated by a comma. This will change any props set to a sensitive value to a safe value and vice versa. Example: If I would like to change ro.debuggable, ro.secure and ro.build.tags I would enter __"1,2,4"__. -**NOTE:** When activating this feature the screen will go black momentarily at the end of the boot cycle. This is caused by the module doing a soft reboot to reload the prop values properly. - ## Change/set custom prop values It's quite easy to change prop values with Magisk. With this module it's even easier. Just enter the prop you want to change and the new value and the module does the rest, nice and systemless. Any changes that you've previously done directly to build.prop, default.prop, etc, you can now do with this module instead. If you have a lot of props that you want to change it'll be a lot easier to use the [configuration file](https://github.com/Magisk-Modules-Repo/MagiskHide-Props-Config/blob/master/README.md#configuration-file) (see below). @@ -506,6 +539,10 @@ If the prop has been removed, the command should return nothing. For some fingerprints it is necessary to also change the security patch date to match the fingerprint used (the actual patch won't change, just the displayed date). This is automatically done by the module when using a fingerprint from a build after March 16 2018. If you do not want this to happen you can manually add `ro.build.version.security_patch` to the custom props and load back the original date, but keep in mind that this may result in the fingerprint not working and SafetyNet will fail. +### My device's model has changed +In order to fool SafetyNet into using basic key attestation for the bootloader state check rather than hardware (which we cannot fool), the device model sometimes has to be changed to one that does NOT match the actual device. If your device uses hardware backed attestation, you might have to do this to pass the CTS profile check of SafetyNet. See [Force BASIC key attestation](https://github.com/Magisk-Modules-Repo/MagiskHidePropsConf/blob/master/README.md#force-basic-key-attestation) for more details. + + ### The Play Store is broken If you suddenly can't find some apps, or that you aren't offered the latest version of an app, it might be because of having changed the device fingerprint. See [Can I use any fingerprint?](https://github.com/Magisk-Modules-Repo/MagiskHide-Props-Config/blob/master/README.md#can-i-use-any-fingerprint) for details. @@ -518,8 +555,12 @@ If the interface of the props script looks strange, with a lot of gibberish alon If boot takes longer than usual after setting a new fingerprint or a custom prop, try changing the [boot stage](https://github.com/Magisk-Modules-Repo/MagiskHide-Props-Config#boot-stage) to post-fs-data. +### There's a reboot during boot +This happens when any prop is set during the late_start service boot stage. A soft reboot is necessary to properly load the new prop values. + + ### The screen goes black momentarily at boot -This is caused by the [MagiskHide Sensitive props](https://github.com/Magisk-Modules-Repo/MagiskHide-Props-Config/blob/master/README.md#setreset-magiskhide-sensitive-props) function of the module doing a soft reboot at the end of the boot cycle. This is necessary to reaload the prop values properly. +See the section directly above. ### The Play Store is "uncertified" @@ -569,6 +610,14 @@ Releases from v5.4.0 will only install on Magisk v20.4+. ## Changelog +### v6.0.0 +- Updated the "Edit MagiskHide props" feature to include all the sensitive prop values that MagiskHide changed, up to and including Magisk v23. All props will now be set by default. See the documentation for details. +- Alter the permissions for SELinux files if SELinux is permissive (was included in MagiskHide up to Magisk v23). +- Reenabled "Force BASIC key attestation", since Google seems to have changed things around again. See the documentation for details. +- Fix reboot function in post-fs-data.sh. +- Various small fixes. +- Added fingerprints for Google Pixel 5a and Motorola Moto Z3 Play. List updated to v132. + ### v5.4.1 - Changed internet connection test to use Github rather than Google, for users that do not have access to Google in their countries. - Fixed a bug where prop values containing equal signs would be truncated. @@ -968,7 +1017,7 @@ Releases from v5.4.0 will only install on Magisk v20.4+. ## Current fingerprints list -### List v131 +### List v132 - Asus ROG Phone 3 ZS661KS (10) - Asus ROG Phone 5 ZS673KS (10) - Asus ZenFone 2 Laser ASUS_Z00LD (6.0.1) @@ -1020,6 +1069,7 @@ Releases from v5.4.0 will only install on Magisk v20.4+. - Google Pixel 4a (10 & 11) - Google Pixel 4a 5G (11) - Google Pixel 5 (11) +- Google Pixel 5a (11) - Google Pixel C (6.0.1 & 7.0 & 7.1.1 & 7.1.2 & 8.0.0 & 8.1.0) - HTC 10 (6.0.1) - HTC U11 (8.0.0) @@ -1102,6 +1152,7 @@ Releases from v5.4.0 will only install on Magisk v20.4+. - Motorola Moto X4 (8.0.0 & 9) - Motorola Moto Z2 Force T-Mobile (8.0.0) - Motorola Moto Z2 Play (8.0.0) +- Motorola Moto Z3 Play (9) - Nextbook Ares 8A (6.0.1) - Nokia 6 TA-1021 (9) - Nokia 6 TA-1025 (9) @@ -1454,7 +1505,7 @@ Releases from v5.4.0 will only install on Magisk v20.4+. ## MIT Licence -*Copyright (c) 2018-2020 Didgeridoohan* +*Copyright (c) 2018-2021 Didgeridoohan* Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/common/bootlog.sh b/common/bootlog.sh index 7d60c9f..b57bc69 100644 --- a/common/bootlog.sh +++ b/common/bootlog.sh @@ -1,7 +1,7 @@ #!/system/bin/sh # MagiskHide Props Config -# Copyright (c) 2018-2020 Didgeridoohan @ XDA Developers +# Copyright (c) 2018-2021 Didgeridoohan @ XDA Developers # Licence: MIT { diff --git a/common/prints.sh b/common/prints.sh index b4817dc..86665ce 100644 --- a/common/prints.sh +++ b/common/prints.sh @@ -1,15 +1,15 @@ #!/system/bin/sh # MagiskHide Props Config -# Copyright (c) 2018-2020 Didgeridoohan @ XDA Developers +# Copyright (c) 2018-2021 Didgeridoohan @ XDA Developers # Licence: MIT -PRINTSV=131 +PRINTSV=132 PRINTSTRANSF=520 # Certified fingerprints -# Current fingerprints count=693 -# Unique devices=482 +# Current fingerprints count=695 +# Unique devices=484 PRINTSLIST=" Asus ROG Phone 3 ZS661KS (10):Asus:ZS661KS=asus/WW_I003D/ASUS_I003_1:10/QKQ1.200419.002/17.0823.2012.122-0:user/release-keys__2020-12-01 Asus ROG Phone 5 ZS673KS (10):Asus:ZS673KS=asus/WW_I005D/ASUS_I005_1:11/RKQ1.201022.002/18.0840.2103.26-0:user/release-keys__2021-03-05 @@ -62,6 +62,7 @@ Google Pixel 4 XL (10 & 11):Google:Pixel 4 XL=google/coral/coral:10/QQ3A.200805. Google Pixel 4a (10 & 11):Google:Pixel 4a=google/sunfish/sunfish:10/QD4A.200805.003/6598198:user/release-keys__2020-08-05;google/sunfish/sunfish:11/RQ3A.210805.001.A1/7474174:user/release-keys__2021-08-05 Google Pixel 4a 5G (11):Google:Pixel 4a (5G)=google/bramble/bramble:11/RQ3A.210805.001.A1/7474174:user/release-keys__2021-08-05 Google Pixel 5 (11):Google:Pixel 5=google/redfin/redfin:11/RQ3A.210805.001.A1/7474174:user/release-keys__2021-08-05 +Google Pixel 5a (11):Google:Pixel 5a=google/barbet/barbet:11/RD2A.210605.007/7381860:user/release-keys__2021-06-05 Google Pixel C (6.0.1 & 7.0 & 7.1.1 & 7.1.2 & 8.0.0 & 8.1.0):Google:Pixel C=google/ryu/dragon:6.0.1/MXC89L/3084571:user/release-keys;google/ryu/dragon:7.0/NRD91N/3318108:user/release-keys;google/ryu/dragon:7.1.1/N4F26T/3687331:user/release-keys;google/ryu/dragon:7.1.2/N2G48C/4104010:user/release-keys;google/ryu/dragon:8.0.0/OPR1.170623.032/4397478:user/release-keys;google/ryu/dragon:8.1.0/OPM8.190605.005/5749003:user/release-keys__2019-06-05 HTC 10 (6.0.1):HTC:HTC 10=htc/HTCOneM10vzw/htc_pmewl:6.0.1/MMB29M/774095.8:user/release-keys HTC U11 (8.0.0):HTC:HTC U-3w=htc/ocndtwl_01405/htc_ocndtwl:8.0.0/OPR6.170623.013/1017190.2:user/release-keys @@ -144,6 +145,7 @@ Motorola Moto X Play (7.1.1):motorola:XT1562=motorola/lux_retasia_ds/lux_uds:7.1 Motorola Moto X4 (8.0.0 & 9):Motorola:moto x4=motorola/payton/payton:8.0.0/OPWS27.57-25-6-10/12:user/release-keys;motorola/payton_fi/payton_sprout:9/PPWS29.69-39-6-6/8c843:user/release-keys__2020-03-01 Motorola Moto Z2 Force T-Mobile (8.0.0):Motorola:Moto Z2=motorola/nash_tmo_c/nash:8.0.0/OCXS27.109-51-14-7/12:user/release-keys__2019-07-01 Motorola Moto Z2 Play (8.0.0):Motorola:Moto Z2 Play=motorola/albus/albus:8.0.0/OPS27.76-12-25/26:user/release-keys +Motorola Moto Z3 Play (9):Motorola:Moto Z3 Play=motorola/beckham/beckham:9/PPWS29.131-27-1-27/34b6d:user/release-keys__2020-07-01 Nextbook Ares 8A (6.0.1):Nextbook:NX16A8116K=NextBook/NX16A8116K/NX16A8116K:6.0.1/MMB29M/V4.0.3:user/release-keys Nokia 6 TA-1021 (9):Nokia:TA-1021=Nokia/TA-1021_00WW/PLE:9/PKQ1.181105.001/00WW_6_19C:user/release-keys__2020-01-01 Nokia 6 TA-1025 (9):Nokia:TA-1025=Nokia/TA-1025_00WW/PLE:9/PKQ1.181105.001/00WW_6_19C:user/release-keys__2020-01-01 diff --git a/common/propsconf_conf b/common/propsconf_conf index 0e3a760..d89938d 100644 --- a/common/propsconf_conf +++ b/common/propsconf_conf @@ -1,7 +1,7 @@ #!/system/bin/sh # MagiskHide Props Config -# Copyright (c) 2018-2020 Didgeridoohan @ XDA Developers +# Copyright (c) 2018-2021 Didgeridoohan @ XDA Developers # Licence: MIT # ================================================================= @@ -9,7 +9,7 @@ # ================================================================= # Required module version (or newer). Do not edit this value! -CONFTRANSF=534 +CONFTRANSF=600 # Device fingerprint CONFFINGERPRINT="" @@ -42,7 +42,21 @@ CONFDEBUGGABLE="" CONFSECURE="" CONFTYPE="" CONFTAGS="" -CONFSELINUX="" +CONFBOOTMODE="" +CONFMODE="" +CONFVENDORMODE="" +CONFHWC="" +CONFHWCOUNTRY="" +CONFSTATE="" +CONFVERIFIEDBOOTSTATE="" +CONFVENDORVERIFIEDBOOTSTATE="" +CONFLOCKED="" +CONFVERITYMODE="" +CONFBOOTWARRANTY_BIT="" +CONFBIT="" +CONFVENDORBOOTWARRANTY_BIT="" +CONFVENDORWARRANTY_BIT="" +CONFVENDORDEVICE_STATE="" # Set custom props CONFPROPS="" @@ -106,10 +120,10 @@ CONFBACK=false # post-fs-data or late_start service mode. This is useful if props don't seem to set # propely or the module's boot script seems to be causing issues during boot. # -# CONFPATCHBOOT is by default set to using late_start service boot stage for setting +# CONFPATCHBOOT is by default set to using late_start service boot stage for setting # ro.build.version.security_patch. If the setting is changed to "default" or "post", # the prop will be set during either the default or post-fs-data stage. The -# late_start service boot stage is used by default as to not cause issues for devices with +# late_start service boot stage is used by default as to not cause issues for devices with # Keymaster 4 (bootloops). If the prop doesn't seem to set properly, try changing the stage. # CONFBASICATTEST is used to enable Forced BASIC attestation, which is done by changing the @@ -133,12 +147,27 @@ CONFBACK=false # post-fs-data or late_start service mode. This is useful if props don't seem to set # propely or the module's boot script seems to be causing issues during boot. -# The MagiskHide prop variables can be set as follows: -# CONFDEBUGGABLE - 0 or 1 (set to "0" by MagiskHide - sensitive value is "1") -# CONFSECURE - 0 or 1 (set to "1" by MagiskHide - sensitive value is "0") -# CONFTYPE - user or userdebug (set to "user" by MagiskHide - sensitive value is "userdebug") -# CONFTAGS - release-keys or test-keys (set to "release-keys" by MagiskHide - sensitive value is "test-keys") -# CONFSELINUX - 0 or 1 (set to "0" by MagiskHide - sensitive value is "1") +# The MagiskHide prop variables can be set as follows +# (note that these props are by default set to the safe value): +# CONFDEBUGGABLE - 0 or 1 (sensitive value is "1") +# CONFSECURE - 0 or 1 (sensitive value is "0") +# CONFTYPE - user or userdebug (sensitive value is "userdebug") +# CONFTAGS - release-keys or test-keys (sensitive value is "test-keys") +# CONFBOOTMODE - unknown or recovery (sensitive value is "recovery") +# CONFMODE - unknown or recovery (sensitive value is "recovery") +# CONFVENDORMODE - unknown or recovery (sensitive value is "recovery") +# CONFHWC - GLOBAL or CN (sensitive value is CN) +# CONFHWCOUNTRY - GLOBAL or China (sensitive value is China) +# CONFSTATE - locked or unlocked (sensitive value is unlocked) +# CONFVERIFIEDBOOTSTATE - green or orange (sensitive value is orange) +# CONFVENDORVERIFIEDBOOTSTATE - green or orange (sensitive value is orange) +# CONFLOCKED - 1 or 0 (sensitive value is 0) +# CONFVERITYMODE - enforcing or permissive (sensitive value is permissive) +# CONFBOOTWARRANTY_BIT - 0 or 1 (sensitive value is "1") +# CONFBIT - 0 or 1 (sensitive value is "1") +# CONFVENDORBOOTWARRANTY_BIT - 0 or 1 (sensitive value is "1") +# CONFVENDORWARRANTY_BIT - 0 or 1 (sensitive value is "1") +# CONFVENDORDEVICE_STATE - locked or unlocked (sensitive value is unlocked) # CONFPROPS should contain any custom props and the value you want the module to set. # Any props you've previously edited in build.prop, and more, can be set like this. diff --git a/common/propsconf_late b/common/propsconf_late index fc2f451..96e3e41 100644 --- a/common/propsconf_late +++ b/common/propsconf_late @@ -1,5 +1,5 @@ # MagiskHide Props Config -# Copyright (c) 2018-2020 Didgeridoohan @ XDA Developers +# Copyright (c) 2018-2021 Didgeridoohan @ XDA Developers # Licence: MIT # This is the settings file for the Magisk module "MagiskHide Props Config" By Didgeridoohan @ XDA Developers. @@ -8,9 +8,9 @@ # In that case, feel free to delete it. # Script version -SCRIPTV=37 -SETTRANSF=3 -NOTTRANSF="BRANDSET;NAMESET;DEVICESET;RELEASESET;IDSET;INCREMENTALSET;SDKSET" +SCRIPTV=38 +SETTRANSF=4 +NOTTRANSF="PROPCOUNT;PROPEDIT;REDEBUGGABLE;RESECURE;RETYPE;RETAGS;REBOOTMODE;REMODE" # Fingerprint FINGERPRINTENB=1 @@ -19,6 +19,11 @@ PRINTEDIT=0 PRINTVEND=0 PRINTCHK=0 +# Basic attestation +BASICATTEST=0 +BASICATTLIST="" +BASICATTCUST="" + # Device simulation DEVSIM=0 BRANDSET=0 @@ -34,9 +39,12 @@ MODELSET=0 DESCRIPTIONSET=1 PARTPROPSSET=1 +# MagiskHide props +PROPCOUNT=19 +PROPEDIT=1 +PROPBOOT=0 + # Custom props -PROPCOUNT=0 -PROPEDIT=0 CUSTOMEDIT=0 DELEDIT=0 @@ -68,7 +76,19 @@ ORIGTYPE="" ORIGTAGS="" ORIGBOOTMODE="" ORIGMODE="" -ORIGSELINUX="" +ORIGVENDORMODE="" +ORIGHWC="" +ORIGHWCOUNTRY="" +ORIGSTATE="" +ORIGVERIFIEDBOOTSTATE="" +ORIGVENDORVERIFIEDBOOTSTATE="" +ORIGLOCKED="" +ORIGVERITYMODE="" +ORIGBOOTWARRANTY_BIT="" +ORIGBIT="" +ORIGVENDORBOOTWARRANTY_BIT="" +ORIGVENDORWARRANTY_BIT="" +ORIGVENDORDEVICE_STATE="" ORIGFINGERPRINT="" ORIGVENDPRINT="" ORIGPRODPRINT="" @@ -87,13 +107,25 @@ ORIGMANUFACTURER="" ORIGMODEL="" # ---Module values--- -MODULEDEBUGGABLE="" -MODULESECURE="" -MODULETYPE="" -MODULETAGS="" -MODULEBOOTMODE="" -MODULEMODE="" -MODULESELINUX="" +MODULEDEBUGGABLE="0" +MODULESECURE="1" +MODULETYPE="user" +MODULETAGS="release-keys" +MODULEBOOTMODE="unknown" +MODULEMODE="unknown" +MODULEVENDORMODE="unknown" +MODULEHWC="GLOBAL" +MODULEHWCOUNTRY="GLOBAL" +MODULESTATE="locked" +MODULEVERIFIEDBOOTSTATE="green" +MODULEVENDORVERIFIEDBOOTSTATE="green" +MODULELOCKED="1" +MODULEVERITYMODE="enforcing" +MODULEBOOTWARRANTY_BIT="0" +MODULEBIT="0" +MODULEVENDORBOOTWARRANTY_BIT="0" +MODULEVENDORWARRANTY_BIT="0" +MODULEVENDORDEVICE_STATE="locked" MODULEFINGERPRINT="" # ---Device simulation values--- @@ -120,10 +152,22 @@ CUSTOMPROPSLIST="$CUSTOMPROPS $CUSTOMPROPSPOST $CUSTOMPROPSLATE $CUSTOMPROPSDELA DELETEPROPS="" # ---MagiskHide sensitive props--- -REDEBUGGABLE=false -RESECURE=false -RETYPE=false -RETAGS=false -REBOOTMODE=false -REMODE=false -RESELINUX=false +REDEBUGGABLE=true +RESECURE=true +RETYPE=true +RETAGS=true +REBOOTMODE=true +REMODE=true +REVENDORMODE=true +REHWC=true +REHWCOUNTRY=true +RESTATE=true +REVERIFIEDBOOTSTATE=true +REVENDORVERIFIEDBOOTSTATE=true +RELOCKED=true +REVERITYMODE=true +REBOOTWARRANTY_BIT=true +REBIT=true +REVENDORBOOTWARRANTY_BIT=true +REVENDORWARRANTY_BIT=true +REVENDORDEVICE_STATE=true diff --git a/common/util_functions.sh b/common/util_functions.sh index f8d1f4a..05d5e97 100644 --- a/common/util_functions.sh +++ b/common/util_functions.sh @@ -1,7 +1,7 @@ #!/system/bin/sh # MagiskHide Props Config -# Copyright (c) 2018-2020 Didgeridoohan @ XDA Developers +# Copyright (c) 2018-2021 Didgeridoohan @ XDA Developers # Licence: MIT ADBPATH=/data/adb @@ -66,9 +66,13 @@ if [ "$INSTFN" ]; then PRINTEDIT PRINTVEND PRINTCHK + BASICATTEST + BASICATTLIST + BASICATTCUST DEVSIM PROPCOUNT PROPEDIT + PROPBOOT CUSTOMEDIT DELEDIT PRINTSTAGE @@ -99,7 +103,21 @@ if [ "$INSTFN" ]; then MODULESECURE MODULETYPE MODULETAGS - MODULESELINUX + MODULEBOOTMODE + MODULEMODE + MODULEVENDORMODE + MODULEHWC + MODULEHWCOUNTRY + MODULESTATE + MODULEVERIFIEDBOOTSTATE + MODULEVENDORVERIFIEDBOOTSTATE + MODULELOCKED + MODULEVERITYMODE + MODULEBOOTWARRANTY_BIT + MODULEBIT + MODULEVENDORBOOTWARRANTY_BIT + MODULEVENDORWARRANTY_BIT + MODULEVENDORDEVICE_STATE MODULEFINGERPRINT SIMBRAND SIMNAME @@ -196,9 +214,15 @@ ro.debuggable ro.secure ro.build.type ro.build.tags -ro.bootmode -ro.boot.mode -ro.build.selinux +ro.boot.vbmeta.device_state +ro.boot.verifiedbootstate +ro.boot.flash.locked +ro.boot.veritymode +ro.boot.warranty_bit +ro.warranty_bit +ro.vendor.boot.warranty_bit +ro.vendor.warranty_bit +vendor.boot.vbmeta.device_state " # Safe values @@ -207,9 +231,52 @@ ro.debuggable=0 ro.secure=1 ro.build.type=user ro.build.tags=release-keys +ro.boot.vbmeta.device_state=locked +ro.boot.verifiedbootstate=green +ro.boot.flash.locked=1 +ro.boot.veritymode=enforcing +ro.boot.warranty_bit=0 +ro.warranty_bit=0 +ro.vendor.boot.warranty_bit=0 +ro.vendor.warranty_bit=0 +vendor.boot.vbmeta.device_state=locked +" + +# Trigger props +TRIGGERPROPS=" +ro.bootmode +ro.boot.mode +vendor.boot.mode +ro.boot.hwc +ro.boot.hwcountry +" + +# Safe values +TRIGGERSAFELIST=" ro.bootmode=unknown ro.boot.mode=unknown -ro.build.selinux=0 +vendor.boot.mode=unknown +ro.boot.hwc=GLOBAL +ro.boot.hwcountry=GLOBAL +" + +# Triggering values +TRIGGERLIST=" +ro.bootmode=recovery +ro.boot.mode=recovery +vendor.boot.mode=recovery +ro.boot.hwc=CN +ro.boot.hwcountry=China +" + +# Late props +LATEPROPS=" +vendor.boot.verifiedbootstate +" + +# Safe value +LATESAFELIST=" +vendor.boot.verifiedbootstate=green " # Partitions used for different props @@ -273,10 +340,12 @@ APILVL=" 8.1=27 9=28 10=29 +11=30 +12=31 " # Values props list -VALPROPSLIST=$PROPSLIST$PRINTPARTS$SNPROPS$ADNPROPS$ADNSIMPROPS +VALPROPSLIST=$PROPSLIST$TRIGGERPROPS$LATEPROPS$PRINTPARTS$SNPROPS$ADNPROPS$ADNSIMPROPS # Loading module settings if [ -z "$INSTFN" ]; then @@ -350,6 +419,18 @@ get_prop_type() { echo "vendprint" elif [ "$1" == "ro.build.display.id" ]; then echo "display" + elif [ "$1" == "vendor.boot.mode" ]; then + echo "vendormode" + elif [ "$1" == "vendor.boot.vbmeta.device_state" ]; then + echo "vendordevice_state" + elif [ "$1" == "vendor.boot.verifiedbootstate" ]; then + echo "vendorverifiedbootstate" + elif [ "$1" == "ro.boot.warranty_bit" ]; then + echo "bootwarranty_bit" + elif [ "$1" == "ro.vendor.boot.warranty_bit" ]; then + echo "vendorbootwarranty_bit" + elif [ "$1" == "ro.vendor.warranty_bit" ]; then + echo "vendorwarranty_bit" else echo $1 | sed 's|.*\.||' | sed 's|.*\_||' fi @@ -441,13 +522,15 @@ force_reboot() { echo -e "${C}Rebooting...${N}" log_handler "Rebooting." [ $(getprop sys.boot_completed) == 1 ] && /system/bin/svc power reboot $RBREASON >> $LOGFILE 2>&1 || /system/bin/reboot $RBREASON >> $LOGFILE 2>&1 || setprop sys.powerctl reboot >> $LOGFILE 2>&1 - sleep 15 - log_handler "Rebooting failed." - echo "" - echo "That doesn't seem like it worked..." - echo "Please reboot manually." - echo "" - exit 0 + if [ "$BOOTSTAGE" != "post" -a "$BOOTSTAGE" != "late" ]; then + sleep 15 + log_handler "Rebooting failed." + echo "" + echo "That doesn't seem like it worked..." + echo "Please reboot manually." + echo "" + exit 0 + fi } # Updates placeholders, $1=file, $2=Variable name to replace to, $3=Placeholder name, $4=Value to assign updated variable @@ -673,7 +756,7 @@ config_file() { echo "ro.vendor.build.fingerprint: ${CONFFINGERPRINT}" >> $LOGFILE 2>&1 fi # Updates prop values (including fingerprint) - PROPSTMPLIST=$PROPSLIST" + PROPSTMPLIST=$PROPSLIST$TRIGGERPROPS$LATEPROPS" ro.build.fingerprint " for PROPTYPE in $PROPSTMPLIST; do @@ -941,37 +1024,32 @@ update_check() { # system.prop creation system_prop() { - if [ "$OPTIONBOOT" == 0 ]; then + if [ "$1" == "install" ]; then + log_print "- Creating system.prop file." + else log_handler "Creating system.prop file." - echo -e "# This file will be read by resetprop\n\n# MagiskHide Props Config\n# Copyright (c) 2018-2020 Didgeridoohan @ XDA Developers\n# Licence: MIT\n" > $MODPATH/system.prop - if [ "$PRINTSTAGE" == 0 ]; then - print_edit "$MODPATH/system.prop" - fi - if [ "$PATCHSTAGE" == 0 ]; then - patch_edit "$MODPATH/system.prop" - fi - #if [ "$BASICATTEST" == 1 ]; then - # forced_basic "$MODPATH/system.prop" - #fi - if [ "$SIMSTAGE" == 0 ]; then - dev_sim_edit "$MODPATH/system.prop" - fi - if [ "$CUSTOMPROPS" ]; then - custom_edit "CUSTOMPROPS" "$MODPATH/system.prop" - fi - # Check system.prop content - system_prop_cont - - # Check for edge case where module has been updated but no reboot has been done yet - if [ -z "$INSTFN" ]; then - if [ -d "$ADBPATH/modules_update/MagiskHidePropsConf" ] && [ -f "$MODPATH/system.prop" ]; then - log_handler "Copying system.prop to update folder." - cp -f $MODPATH/system.prop $ADBPATH/modules_update/MagiskHidePropsConf >> $LOGFILE 2>&1 - else - rm -f $ADBPATH/modules_update/MagiskHidePropsConf/system.prop >> $LOGFILE 2>&1 - fi + fi + echo -e "# This file will be read by resetprop\n# MagiskHide Props Config\n# Copyright (c) 2018-2021 Didgeridoohan @ XDA Developers\n# Licence: MIT" > $MODPATH/system.prop + if [ "$PROPEDIT" == 1 ] && [ "$PROPBOOT" == 0 ]; then + sensitive_props "$PROPSLIST" "$SAFELIST" "$MODPATH/system.prop" + fi + if [ "$OPTIONBOOT" == 0 ] && [ "$PRINTSTAGE" == 0 ]; then + print_edit "$MODPATH/system.prop" + fi + if [ "$OPTIONBOOT" == 0 ] && [ "$PATCHSTAGE" == 0 ]; then + patch_edit "$MODPATH/system.prop" + fi + if [ "$OPTIONBOOT" == 0 ] && [ "$BASICATTEST" == 1 ]; then + forced_basic "$MODPATH/system.prop" fi + if [ "$OPTIONBOOT" == 0 ] && [ "$SIMSTAGE" == 0 ]; then + dev_sim_edit "$MODPATH/system.prop" + fi + if [ "$OPTIONBOOT" == 0 ] && [ "$CUSTOMPROPS" ]; then + custom_edit "CUSTOMPROPS" "$MODPATH/system.prop" fi + # Check system.prop content + system_prop_cont } # system.prop content @@ -1175,6 +1253,7 @@ script_install() { bin_check files_check settings_placement + log_print "- Updating placeholders" placeholder_update $MODPATH/post-fs-data.sh MODVERSION VER_PLACEHOLDER "$MODVERSION" placeholder_update $MODPATH/post-fs-data.sh LATEFILE LATE_PLACEHOLDER "$LATEFILE" @@ -1182,8 +1261,15 @@ script_install() { placeholder_update $MODPATH/common/util_functions.sh BIN BIN_PLACEHOLDER "$BIN" placeholder_update $MODPATH/system/$BIN/props ADBPATH ADB_PLACEHOLDER "$ADBPATH" placeholder_update $MODPATH/system/$BIN/props LATEFILE LATE_PLACEHOLDER "$LATEFILE" + + # Retrieving default values from props file + log_print "- Saving device default values." + default_save + log_handler "Default values saved to $LATEFILE." + load_settings print_files + # Checks for configuration file CONFFILE="" for ITEM in $CONFFILELOC; do @@ -1201,9 +1287,10 @@ script_install() { else load_settings # Create system.prop in case of no configuration file - system_prop + system_prop "install" fi - log_handler "Module installation complete." + + log_handler "Script install function finished." } # ======================== Fingerprint functions ======================== @@ -1259,6 +1346,9 @@ print_edit() { echo "ro.build.fingerprint=${PRINTCHNG}" >> $1 else resetprop -nv ro.build.fingerprint "$PRINTCHNG" >> $LOGFILE 2>&1 + if [ "$BOOTSTAGE" == "late" ]; then + PROPLATE=true + fi fi else log_handler "ro.build.fingerprint not currently set on device. Skipping." @@ -1272,6 +1362,9 @@ print_edit() { echo "ro.build.description=${SIMDESCRIPTION}" >> $1 else resetprop -nv ro.build.description "$SIMDESCRIPTION" >> $LOGFILE 2>&1 + if [ "$BOOTSTAGE" == "late" ]; then + PROPLATE=true + fi fi fi else @@ -1295,6 +1388,9 @@ patch_edit() { echo "ro.build.version.security_patch=${SECPATCH}" >> $1 else resetprop -nv ro.build.version.security_patch "$SECPATCH" >> $LOGFILE 2>&1 + if [ "$BOOTSTAGE" == "late" ]; then + PROPLATE=true + fi fi fi ;; @@ -1339,7 +1435,7 @@ print_files() { TMPI=$(($TMPI - 1)) fi done - #echo -e "BASICATTMODEL=\"$(get_eq_left "$TMPLINE" | sed "s|^.*\:||")\"" >> $TMPFILE + echo -e "BASICATTMODEL=\"$(get_eq_left "$TMPLINE" | sed "s|^.*\:||")\"" >> $TMPFILE done # Check for updated fingerprint device_print_update "Updating module fingerprint." @@ -1689,6 +1785,9 @@ forced_basic() { fi resetprop -nv ro.product.model "$TMPVAL" >> $LOGFILE 2>&1 set_partition_props "none" "ro.product.model" "$TMPVAL" + if [ "$BOOTSTAGE" == "late" ]; then + PROPLATE=true + fi fi } @@ -1751,6 +1850,9 @@ dev_sim_edit() { echo "${ITEM}=${TMPVALUE}" >> $1 else resetprop -nv $ITEM "$TMPVALUE" >> $LOGFILE 2>&1 + if [ "$BOOTSTAGE" == "late" ]; then + PROPLATE=true + fi fi else log_handler "$ITEM not currently set on device. Skipping." @@ -1853,11 +1955,107 @@ change_sim_partprops() { } # ======================== MagiskHide Props functions ======================== +# Populate menu, $1=List of props to go through (with safe values), $2=type of list, $3=check if menu items should be printed or only counted +magiskhide_props_menu() { + ACTIVE="${G} (active)${N}" + for ITEM in $1; do + PROP=$(get_prop_type $(get_eq_left "$ITEM")) + ORIGVALUE=$(eval "echo \$$(echo "ORIG${PROP}" | tr '[:lower:]' '[:upper:]')") + if [ "$ORIGVALUE" ] && [ "$(get_eq_right "$ITEM")" != "$ORIGVALUE" ]; then + CTRLTRIGG=false; + if [ "$2" == "trigger" ]; then + magiskhide_trigger "$ITEM" + fi + if [ "$CTRLTRIGG" == "false" ]; then + if [ "$ITEMCOUNT" == 0 ]; then + ITEMCOUNT=1 + fi + TMPTXT="" + if [ "$2" == "late" ]; then + TMPTXT=" ${C}(Late prop)${N}" + elif [ "$2" == "trigger" ]; then + TMPTXT=" ${C}(Trigger prop)${N}" + fi + if [ "$(eval "echo \$$(echo "RE${PROP}" | tr '[:lower:]' '[:upper:]')")" == "true" ]; then + if [ "$TMPTXT" ]; then + TMPTXT=$TMPTXT$ACTIVE + else + TMPTXT=$ACTIVE + fi + fi + if [ "$3" != "count" ]; then + echo -e "${G}$ITEMCOUNT${N} - $(get_eq_left "$ITEM")$TMPTXT" + fi + ITEMCOUNT=$(($ITEMCOUNT+1)) + fi + fi + done +} + +# Set sensitive props, $1=List to get props from, $2=List of safe values, $3=Set to "late" if set in late stage, or file name if saving values to a prop file +sensitive_props() { + if [ "$3" == "late" ]; then + log_handler "Changing sensitive props, late" + else + log_handler "Changing sensitive props" + fi + for ITEM in $1; do + PROP=$(get_prop_type $ITEM) + REPROP=$(echo "RE${PROP}" | tr '[:lower:]' '[:upper:]') + ORIGPROP=$(echo "ORIG${PROP}" | tr '[:lower:]' '[:upper:]') + MODULEPROP=$(echo "MODULE${PROP}" | tr '[:lower:]' '[:upper:]') + REVALUE=$(eval "echo \$$REPROP") + ORIGVALUE=$(eval "echo \$$ORIGPROP") + MODULEVALUE=$(eval "echo \$$MODULEPROP") + if [ "$REVALUE" == "true" ] && [ "$ORIGVALUE" ]; then + CTRLTRIGG=false; + magiskhide_trigger "$ITEM" + if [ "$CTRLTRIGG" == "true" ]; then + for CTRL in $2; do + if [ "$(get_eq_left "$CTRL")" == "$ITEM" ]; then + if [ "$(get_eq_right "$CTRL")" == "$ORIGVALUE" ]; then + log_handler "Skipping $ITEM, already set to the safe value." + else + log_handler "Changing/writing $ITEM." + if [ "$3" ] && [ "$3" != "late" ]; then + echo "${ITEM}=$MODULEVALUE" >> $3 + else + resetprop -nv $ITEM "$MODULEVALUE" >> $LOGFILE 2>&1 + if [ "$BOOTSTAGE" == "late" ]; then + PROPLATE=true + fi + fi + fi + fi + done + else + log_handler "Skipping $ITEM, it is not set to a triggering value." + fi + elif [ "$REVALUE" == "true" ] && [ -z "$ORIGVALUE" ]; then + log_handler "Skipping $ITEM, does not exist on device." + else + log_handler "Skipping $ITEM, not set to change." + fi + done +} + +# Check if trigger prop, $1=prop to check +magiskhide_trigger() { + for TRIGG in $TRIGGERLIST; do + if [ "$(get_eq_left "$TRIGG")" == "$(get_eq_left "$1")" ]; then + if [ "$(get_eq_right "$TRIGG")" != "$ORIGVALUE" ]; then + CTRLTRIGG=true; + fi + break + fi + done +} + # Check safe values, $1=header, $2=Currently set prop value safe_props() { SAFE="" if [ "$2" ]; then - for P in $SAFELIST; do + for P in $SAFELIST$TRIGGERSAFELIST$LATESAFELIST; do if [ "$(get_eq_left "$P")" == "$1" ]; then if [ "$2" == "$(get_eq_right "$P")" ]; then SAFE=1 @@ -1872,23 +2070,16 @@ safe_props() { # Find what prop value to change to, $1=header, $2=Currently set prop value change_to() { - CHANGE="" - case "$1" in - ro.debuggable) if [ "$2" == 0 ]; then CHANGE=1; else CHANGE=0; fi - ;; - ro.secure) if [ "$2" == 0 ]; then CHANGE=1; else CHANGE=0; fi - ;; - ro.build.type) if [ "$2" == "userdebug" ]; then CHANGE="user"; else CHANGE="userdebug"; fi - ;; - ro.build.tags) if [ "$2" == "test-keys" ]; then CHANGE="release-keys"; else CHANGE="test-keys"; fi - ;; - ro.bootmode) if [ "$2" == "recovery" ]; then CHANGE="unknown"; else CHANGE="recovery"; fi - ;; - ro.boot.mode) if [ "$2" == "recovery" ]; then CHANGE="unknown"; else CHANGE="recovery"; fi - ;; - ro.build.selinux) if [ "$2" == 1 ]; then CHANGE=0; else CHANGE=1; fi - ;; - esac + for CHPROP in $SAFELIST$TRIGGERSAFELIST$LATESAFELIST; do + if [ "$(get_eq_left "$CHPROP")" == "$1" ]; then + if [ "$2" != "$(get_eq_right "$CHPROP")" ]; then + CHANGE=$(get_eq_right "$CHPROP") + else + CHANGE=$(eval "echo \$$(echo "ORIG$(get_prop_type $(get_eq_left "$CHPROP"))" | tr '[:lower:]' '[:upper:]')") + fi + break + fi + done } # Reset the module prop change, $1=prop name, $2=run option @@ -1919,7 +2110,9 @@ reset_prop() { replace_fn PROPEDIT 1 0 $LATEFILE fi - after_change "$1" "$2" + if [ "$2" != "none" ]; then + after_change "$1" "$2" + fi } # Use prop value, $1=prop name, $2=new prop value, $3=run option @@ -1946,7 +2139,9 @@ change_prop() { fi replace_fn PROPEDIT 0 1 $LATEFILE - after_change "$1" "$3" + if [ "$3" != "none" ]; then + after_change "$1" "$3" + fi } # Reset all module prop changes, $1=header @@ -1955,7 +2150,7 @@ reset_prop_all() { log_handler "Resetting all props to default values." - for PROPTYPE in $PROPSLIST; do + for PROPTYPE in $PROPSLIST$TRIGGERPROPS$LATEPROPS; do PROP=$(get_prop_type $PROPTYPE) MODULEPROP=$(echo "MODULE${PROP}" | tr '[:lower:]' '[:upper:]') REPROP=$(echo "RE${PROP}" | tr '[:lower:]' '[:upper:]') @@ -2011,6 +2206,9 @@ custom_edit() { echo "$(get_eq_left "$ITEM")=${TMPITEM}" >> $2 else resetprop -nv $(get_eq_left "$ITEM") "${TMPITEM}" >> $LOGFILE 2>&1 + if [ "$BOOTSTAGE" == "late" ]; then + PROPLATE=true + fi fi fi done @@ -2229,8 +2427,8 @@ export_settings() { replace_fn CONFPRINTBOOT default $([ $PRINTSTAGE == 0 ] && echo "default" || $([ $PRINTSTAGE == 1 ] && echo "post" || echo "late")) $EXPORTFILE replace_fn CONFPATCHBOOT late $([ $PATCHSTAGE == 0 ] && echo "default" || $([ $PATCHSTAGE == 1 ] && echo "post" || echo "late")) $EXPORTFILE # Force BASIC attestation - #replace_fn CONFBASICATTEST false $([ $BASICATTEST == 0 ] && echo "false" || echo "true") $EXPORTFILE - #replace_fn CONFBASICATTCUST "\"\"" "\"$BASICATTCUST\"" $EXPORTFILE + replace_fn CONFBASICATTEST false $([ $BASICATTEST == 0 ] && echo "false" || echo "true") $EXPORTFILE + replace_fn CONFBASICATTCUST "\"\"" "\"$BASICATTCUST\"" $EXPORTFILE # Device Simulation replace_fn CONFDEVSIM false $([ $DEVSIM == 0 ] && echo "false" || echo "true") $EXPORTFILE replace_fn CONFBRAND false $([ $BRANDSET == 0 ] && echo "false" || echo "true") $EXPORTFILE @@ -2251,7 +2449,21 @@ export_settings() { replace_fn CONFSECURE "\"\"" "\"$MODULESECURE\"" $EXPORTFILE replace_fn CONFTYPE "\"\"" "\"$MODULETYPE\"" $EXPORTFILE replace_fn CONFTAGS "\"\"" "\"$MODULETAGS\"" $EXPORTFILE - replace_fn CONFSELINUX "\"\"" "\"$MODULESELINUX\"" $EXPORTFILE + replace_fn CONFBOOTMODE "\"\"" "\"$MODULEBOOTMODE\"" $EXPORTFILE + replace_fn CONFMODE "\"\"" "\"$MODULEMODE\"" $EXPORTFILE + replace_fn CONFVENDORMODE "\"\"" "\"$MODULEVENDORMODE\"" $EXPORTFILE + replace_fn CONFHWC "\"\"" "\"$MODULEHWC\"" $EXPORTFILE + replace_fn CONFHWCOUNTRY "\"\"" "\"$MODULEHWCOUNTRY\"" $EXPORTFILE + replace_fn CONFDEVICE_STATE "\"\"" "\"$MODULEDEVICE_STATE\"" $EXPORTFILE + replace_fn CONFVERIFIEDBOOTSTATE "\"\"" "\"$MODULEVERIFIEDBOOTSTATE\"" $EXPORTFILE + replace_fn CONFVENDORVERIFIEDBOOTSTATE "\"\"" "\"$MODULEVENDORVERIFIEDBOOTSTATE\"" $EXPORTFILE + replace_fn CONFLOCKED "\"\"" "\"$MODULELOCKED\"" $EXPORTFILE + replace_fn CONFVERITYMODE "\"\"" "\"$MODULEVERITYMODE\"" $EXPORTFILE + replace_fn CONFBOOTWARRANTY_BIT "\"\"" "\"$MODULEBOOTWARRANTY_BIT\"" $EXPORTFILE + replace_fn CONFWARRANTY_BIT "\"\"" "\"$MODULEWARRANTY_BIT\"" $EXPORTFILE + replace_fn CONFVENDORBOOTWARRANTY_BIT "\"\"" "\"$MODULEVENDORBOOTWARRANTY_BIT\"" $EXPORTFILE + replace_fn CONFVENDORWARRANTY_BIT "\"\"" "\"$MODULEVENDORWARRANTY_BIT\"" $EXPORTFILE + replace_fn CONFVENDORDEVICE_STATE "\"\"" "\"$MODULEVENDORDEVICE_STATE\"" $EXPORTFILE # Custom props replace_fn CONFPROPS "\"\"" "\"$CUSTOMPROPS\"" $EXPORTFILE replace_fn CONFPROPSPOST "\"\"" "\"$CUSTOMPROPSPOST\"" $EXPORTFILE @@ -2271,9 +2483,9 @@ export_settings() { menu_header "${C}$1${N}" echo "" echo "A module configuration file with" - echo "your current settings have been" + echo "your current settings haS been" echo "saved to your internal storage," - echo -e "in the ${C}/mhcp${N} directory." + echo -e "in the ${C}/mhpc${N} directory." echo "" echo -n "Press enter to continue..." read -r INPUTTMP diff --git a/customize.sh b/customize.sh index f2df955..d5af558 100644 --- a/customize.sh +++ b/customize.sh @@ -1,6 +1,6 @@ ########################################################################################## # Installation variables and functions for the Magisk module "MagiskHide Props Config" -# Copyright (c) 2018-2020 Didgeridoohan @ XDA Developers. +# Copyright (c) 2018-2021 Didgeridoohan @ XDA Developers. # Licence: MIT ########################################################################################## @@ -23,13 +23,13 @@ echo "***************************************************" > $LOGFILE 2>&1 echo "********* MagiskHide Props Config $MODVERSION ********" >> $LOGFILE 2>&1 echo "***************** By Didgeridoohan ***************" >> $LOGFILE 2>&1 echo "***************************************************" >> $LOGFILE 2>&1 -log_handler "Starting module installation script" +log_print "- Starting module installation script" # Module script installation script_install # Permission +log_print "- Setting permissions" set_perm $MODPATH/system/$BIN/props 0 0 0755 -# Remove unused files -rm -f $MODPATH/LICENSE \ No newline at end of file +log_print "- Module installation complete." diff --git a/module.prop b/module.prop index 210daf0..43a90c9 100644 --- a/module.prop +++ b/module.prop @@ -1,6 +1,6 @@ id=MagiskHidePropsConf name=MagiskHide Props Config -version=v5.4.1-v131 -versionCode=69 +version=v6.0.0-v132 +versionCode=70 author=Didgeridoohan -description=Change your device's fingerprint, to pass SafetyNet's CTS Profile check. Set/reset prop values set by MagiskHide. Change any prop values easily, and set your own custom props. +description=Change your device's fingerprint, to pass SafetyNet's CTS Profile check. Set/reset MagiskHide sensitive prop values. Change any prop values easily, and set your own custom props. diff --git a/post-fs-data.sh b/post-fs-data.sh index 7483c60..9420b08 100644 --- a/post-fs-data.sh +++ b/post-fs-data.sh @@ -1,7 +1,7 @@ #!/system/bin/sh # MagiskHide Props Config -# Copyright (c) 2018-2020 Didgeridoohan @ XDA Developers +# Copyright (c) 2018-2021 Didgeridoohan @ XDA Developers # Licence: MIT #anch1 @@ -22,6 +22,24 @@ MODVERSIONPH=VER_PLACEHOLDER LATEFILEPH=LATE_PLACEHOLDER + # Sensitive props + # Safe values + TRIGGERSAFELIST=" + ro.bootmode=unknown + ro.boot.mode=unknown + vendor.boot.mode=unknown + ro.boot.hwc=GLOBAL + ro.boot.hwcountry=GLOBAL + " + # Triggering values + TRIGGERLIST=" + ro.bootmode=recovery + ro.boot.mode=recovery + vendor.boot.mode=recovery + ro.boot.hwc=CN + ro.boot.hwcountry=China + " + # Saves the previous log (if available) and creates a new one if [ -f "$LOGFILE" ]; then mv -f $LOGFILE $LASTLOGFILE @@ -55,6 +73,32 @@ echo -e "$(date +"%Y-%m-%d %H:%M:%S.%3N") - $1" >> $LOGFILE 2>&1 } + # Get left side of =, $1=string to check + get_eq_left() { + echo $1 | cut -f 1 -d '=' + } + + # Get right side of =, $1=string to check + get_eq_right() { + echo $1 | cut -f 2- -d '=' + } + + # Finding file values, $1=file (with path), $2=string to look for + get_file_value() { + if [ -f "$1" ]; then + echo $(grep $2 $1) | sed "s|.*${2}||" | sed 's|\"||g' + fi + } + + # Find prop type, $1=prop name + get_prop_type() { + if [ "$1" == "vendor.boot.mode" ]; then + echo "vendormode" + else + echo $1 | sed 's|.*\.||' | sed 's|.*\_||' + fi + } + # Reset/disable file locations FILELOCLST=" /data/media/0 @@ -79,8 +123,8 @@ # Deletes the post-fs-data control file rm -f $MHPCPATH/propsconf_postchk >> $LOGFILE 2>&1 # Reboot - log_handler "Rebooting." - /system/bin/reboot "" >> $LOGFILE 2>&1 || setprop sys.powerctl reboot >> $LOGFILE 2>&1 + log_handler "Setting reboot flag." + touch $MHPCPATH/reboot >> $LOGFILE 2>&1 fi # Check for the boot script and restore backup if deleted, or if the reset file is present @@ -105,17 +149,49 @@ else log_handler "The module settings file could not be found." fi - fi + fi log_handler "$RSTTXT module settings file (${LATEFILE})." cp -af $MODPATH/common/propsconf_late $LATEFILE >> $LOGFILE 2>&1 rm -f $MODPATH/system.prop >> $LOGFILE 2>&1 fi # Loading module settings + log_handler "Loading module settings" . $LATEFILE + # Remove ro.build.selinux if present + if [ "$(grep "ro.build.selinux" $MHPCPATH/defaultprops)" ]; then + log_handler "Removing ro.build.selinux." + resetprop -v --delete ro.build.selinux >> $LOGFILE 2>&1 + fi + + if [ "$PROPEDIT" == 1 ] && [ "$PROPBOOT" == 0 ]; then + # Set trigger props + for ITEM in $TRIGGERLIST; do + TMPPROP=$(get_eq_left "$ITEM") + TMPVAL=$(echo $(grep "\[${TMPPROP}\]" "$MHPCPATH/defaultprops") | sed -e "s|.*\]\:\ \[||g;s|\]$||g") + REPROP=$(echo "RE$(get_prop_type "$TMPPROP")" | tr '[:lower:]' '[:upper:]') + REVAL=$(get_file_value $LATEFILE "${REPROP}=") + if [ "$REVAL" == "true" ]; then + if [ "$TMPVAL" == "$(get_eq_right "$ITEM")" ]; then + log_handler "Changing/writing $TMPPROP." + for SAFEVAL in $TRIGGERSAFELIST; do + if [ "$TMPPROP" == "$(get_eq_left "$SAFEVAL")" ]; then + resetprop -nv $(get_eq_left $SAFEVAL) $(get_eq_right $SAFEVAL) >> $LOGFILE 2>&1 + break + fi + done + elif [ "$TMPVAL" ]; then + log_handler "Skipping $TMPPROP, not set to triggering value." + else + log_handler "Skipping $TMPPROP, does not exist on device." + fi + fi + done + fi + # Edits prop values if set for post-fs-data - if [ "$OPTIONBOOT" == 1 ] || [ "$OPTIONBOOT" != 1 -a "$PRINTSTAGE" == 1 ] || [ "$OPTIONBOOT" != 1 -a "$PATCHSTAGE" == 1 ] || [ "$OPTIONBOOT" != 1 -a "$SIMSTAGE" == 1 ] || [ "$CUSTOMPROPSPOST" ] || [ "$DELETEPROPS" ]; then + if [ "$OPTIONBOOT" == 1 ] || [ "$OPTIONBOOT" != 1 -a "$PRINTSTAGE" == 1 ] || [ "$OPTIONBOOT" != 1 -a "$PATCHSTAGE" == 1 ] || [ "$OPTIONBOOT" != 1 -a "$SIMSTAGE" == 1 ] || [ "$CUSTOMPROPSPOST" ] || [ "$DELETEPROPS" ] || [ "$PROPBOOT" == 1 ]; then # Load functions . $MODPATH/common/util_functions.sh echo -e "\n----------------------------------------" >> $LOGFILE 2>&1 @@ -139,18 +215,23 @@ fi # Setting custom props custom_edit "CUSTOMPROPS" + else + # Edit fingerprint if set for post-fs-data + if [ "$PRINTSTAGE" == 1 ]; then + print_edit "none" + fi + # Edit security patch date if set for post-fs-data + if [ "$PATCHSTAGE" == 1 ]; then + patch_edit "none" + fi + # Edit simulation props if set for post-fs-data + if [ "$SIMSTAGE" == 1 ]; then + dev_sim_edit "none" + fi fi - # Edit fingerprint if set for post-fs-data - if [ "$OPTIONBOOT" != 1 ] && [ "$PRINTSTAGE" == 1 ]; then - print_edit "none" - fi - # Edit security patch date if set for post-fs-data - if [ "$OPTIONBOOT" != 1 ] && [ "$PATCHSTAGE" == 1 ]; then - patch_edit "none" - fi - # Edit simulation props if set for post-fs-data - if [ "$OPTIONBOOT" != 1 ] && [ "$SIMSTAGE" == 1 ]; then - dev_sim_edit "none" + # Edit MagiskHide sensitive props if set for post-fs-data + if [ "$PROPEDIT" == 1 ] && [ "$PROPBOOT" == 1]; then + sensitive_props "$PROPSLIST" "$SAFELIST" fi # Edit custom props set for post-fs-data custom_edit "CUSTOMPROPSPOST" @@ -159,9 +240,8 @@ echo -e "\n----------------------------------------" >> $LOGFILE 2>&1 fi - FNSH="\n$(date +"%Y-%m-%d %H:%M:%S:%N") - post-fs-data.sh module script finished." - echo -e $FNSH >> $LOGFILE 2>&1 - echo -e $FNSH >> $RUNFILE 2>&1 + log_handler "post-fs-data.sh module script finished." + echo -e "\n$(date +"%Y-%m-%d %H:%M:%S:%N") - post-fs-data.sh module script finished." >> $RUNFILE 2>&1 # Deletes the post-fs-data control file rm -f $MHPCPATH/propsconf_postchk >> $LOGFILE 2>&1 diff --git a/service.sh b/service.sh index 56418de..2b09fa1 100644 --- a/service.sh +++ b/service.sh @@ -1,7 +1,7 @@ #!/system/bin/sh # MagiskHide Props Config -# Copyright (c) 2018-2020 Didgeridoohan @ XDA Developers +# Copyright (c) 2018-2021 Didgeridoohan @ XDA Developers # Licence: MIT MODPATH=${0%/*} @@ -23,6 +23,12 @@ done log_script_chk "Running service.sh module script." +# Check for reboot flag +if [ -f "$MHPCPATH/reboot" ]; then + rm -f $MHPCPATH/reboot >> $LOGFILE 2>&1 + force_reboot +fi + # Resets the reboot and print update variables in propsconf_late replace_fn REBOOTCHK 1 0 $LATEFILE replace_fn PRINTCHK 1 0 $LATEFILE @@ -62,10 +68,11 @@ fi config_file # Edits prop values if set for late_start service +PROPLATE=false echo -e "\n----------------------------------------" >> $LOGFILE 2>&1 log_handler "Editing prop values in late_start service mode." if [ "$OPTIONBOOT" == 2 ]; then - # ---Setting/Changing fingerprint--- + # ---Setting/Changing fingerprint--- if [ "$PRINTSTAGE" == 0 ]; then print_edit "none" fi @@ -83,38 +90,49 @@ if [ "$OPTIONBOOT" == 2 ]; then fi # ---Setting custom props--- custom_edit "CUSTOMPROPS" +else + # Edit fingerprint if set for late_start service + if [ "$PRINTSTAGE" == 2 ]; then + print_edit "none" + fi + # Edit security patch date if set for late_start service + if [ "$PATCHSTAGE" == 2 ]; then + patch_edit "none" + fi + # Edit simulation props if set for late_start service + if [ "$SIMSTAGE" == 2 ]; then + dev_sim_edit "none" + fi fi -# Edit fingerprint if set for late_start service -if [ "$OPTIONBOOT" != 2 ] && [ "$PRINTSTAGE" == 2 ]; then - print_edit "none" + +# Edit MagiskHide sensitive props +if [ "$PROPEDIT" == 1 ]; then + # Edit all sensitive props, if set for late_start service + if [ "$PROPBOOT" == 2]; then + sensitive_props "$PROPSLIST" "$SAFELIST" + fi + + # Edit late senstive props + sensitive_props "$LATEPROPS" "$LATESAFELIST" "late" fi -# Edit security patch date if set for late_start service -if [ "$OPTIONBOOT" != 2 ] && [ "$PATCHSTAGE" == 2 ]; then - patch_edit "none" + +# Do a soft restart if a prop has been set in service.sh +if [ "$PROPLATE" == "true" ]; then + stop + start fi -# Edit simulation props if set for late_start service -if [ "$OPTIONBOOT" != 2 ] && [ "$SIMSTAGE" == 2 ]; then - dev_sim_edit "none" + +# SELinux +if [ "$(getenforce)" == "Permissive" ] || [ "$(getenforce)" == "0" ]; then + log_handler "Dealing with permissive SELinux." + chmod 640 /sys/fs/selinux/enforce >> $LOGFILE 2>&1 + chmod 440 /sys/fs/selinux/policy >> $LOGFILE 2>&1 fi + # Edit custom props set for late_start service custom_edit "CUSTOMPROPSLATE" custom_edit "CUSTOMPROPSDELAY" -# Edit MagiskHide sensitive values -if [ "$PROPEDIT" == 1 ]; then - log_handler "Changing sensitive props." - for ITEM in $PROPSLIST; do - PROP=$(get_prop_type $ITEM) - REPROP=$(echo "RE${PROP}" | tr '[:lower:]' '[:upper:]') - MODULEPROP=$(echo "MODULE${PROP}" | tr '[:lower:]' '[:upper:]') - if [ "$(eval "echo \$$REPROP")" == "true" ]; then - log_handler "Changing/writing $ITEM." - resetprop -nv $ITEM "$(eval "echo \$$MODULEPROP")" >> $LOGFILE 2>&1 - fi - done - stop - start -fi echo -e "\n----------------------------------------" >> $LOGFILE 2>&1 # Get currently saved values diff --git a/system/binpath/props b/system/binpath/props index cd23a0f..77dba57 100644 --- a/system/binpath/props +++ b/system/binpath/props @@ -1,7 +1,7 @@ #!/system/bin/sh # MagiskHide Props Config -# Copyright (c) 2018-2020 Didgeridoohan @ XDA Developers +# Copyright (c) 2018-2021 Didgeridoohan @ XDA Developers # Licence: MIT # ==================================================== @@ -904,21 +904,23 @@ menu_force_basic() { fn_oem_file # Find the OEM print file used STATETXT="${G}enable${N}" if [ "$BASICATTMODEL" ]; then - YTXT=" (use default value, ${C}$BASICATTMODEL${N})" + YTXT=", use default value (${C}$BASICATTMODEL${N})" else - YTXT=" (use default value, ${C}$(getprop ro.product.device)${N})" + YTXT=", use default value (${C}$(getprop ro.product.device)${N})" fi + YDTXT="Yes, p" else STATETXT="${R}disable${N}" YTXT="" + YDTXT="P" fi if [ "$BASICATTCUST" ]; then - CUSTTXT=" ${G}active${N}" + CUSTTXT=" (${G}active${N})" else CUSTTXT="" fi if [ "$BASICATTLIST" ]; then - LISTTXT=" ${G}active${N}" + LISTTXT=" (${G}active${N})" else LISTTXT="" fi @@ -939,9 +941,9 @@ menu_force_basic() { fi echo "" echo -e "${G}y${N} - Yes$YTXT" + echo -e "${G}d${N} - ${YDTXT}ick value from device list$LISTTXT" + echo -e "${G}c${N} - Set a custom value$CUSTTXT" echo -e "${G}n${N} - No" - echo -e "${G}d${N} - Pick from device list$LISTTXT" - echo -e "${G}c${N} - Custom value$CUSTTXT" if [ "$BASICATTCUST" ] || [ "$BASICATTLIST" ]; then echo -e "${G}r${N} - Reset" fi @@ -1562,12 +1564,12 @@ menu_dev_sim() { echo -e "${G} 8${N} - ro.build.display.id${DISPTXT}" if [ "$SIMMANUFACTURER" ] && [ "$SIMMODEL" ]; then echo -e "${G} 9${N} - ro.product.manufacturer${MANUFACTURERTXT}" - #if [ "$BASICATTEST" == 0 ]; then + if [ "$BASICATTEST" == 0 ]; then echo -e "${G}10${N} - ro.product.model${MODELTXT}" - #else - # echo -e " (Simulating ro.product.model is currently ${R}disabled${N}.)" - # echo "" - #fi + else + echo -e " (Simulating ro.product.model is currently ${R}disabled${N}.)" + echo "" + fi MANMODEN=true else MANMODEN=false @@ -1609,25 +1611,25 @@ menu_dev_sim() { if [ "$MANMODEN" == "false" ]; then invalid_input 1 2 else - #if [ "$BASICATTEST" == 1 ]; then - # case "$INPUT2" in - # *10*) invalid_input 7 2 - # ;; - # *) - # if [ -z "$NUMCHECK" ]; then - # menu_dev_sim_prop "$1" "$INPUT2" - # else - # invalid_input 7 2 - # fi - # ;; - # esac - #else + if [ "$BASICATTEST" == 1 ]; then + case "$INPUT2" in + *10*) invalid_input 7 2 + ;; + *) + if [ -z "$NUMCHECK" ]; then + menu_dev_sim_prop "$1" "$INPUT2" + else + invalid_input 7 2 + fi + ;; + esac + else if [ -z "$NUMCHECK" ]; then menu_dev_sim_prop "$1" "$INPUT2" else invalid_input 7 2 fi - #fi + fi fi ;; *) @@ -1640,11 +1642,11 @@ menu_dev_sim() { if [ "$MANMODEN" == "false" ] && [ "$INPUT2" == 9 -o "$INPUT2" == 10 ]; then invalid_input 1 2 else - #if [ "$BASICATTEST" == 1 ] && [ "$INPUT2" == 10 ]; then - # invalid_input 1 2 - #else + if [ "$BASICATTEST" == 1 ] && [ "$INPUT2" == 10 ]; then + invalid_input 1 2 + else menu_dev_sim_prop "$1" "$INPUT2" - #fi + fi fi else invalid_input 1 2 @@ -1948,7 +1950,7 @@ menu_bootstage_sim() { if [ "$SIMSTAGE" != 0 ]; then before_change OPTNEW=0 - log_handler "Boot stage changed to default." + log_handler "Device simulation boot stage changed to default." replace_fn SIMSTAGE $SIMSTAGE $OPTNEW $LATEFILE # Load module values . $LATEFILE @@ -1963,7 +1965,7 @@ menu_bootstage_sim() { if [ "$SIMSTAGE" != 1 ]; then before_change OPTNEW=1 - log_handler "Boot stage changed to post-fs-data." + log_handler "Device simulation boot stage changed to post-fs-data." replace_fn SIMSTAGE $SIMSTAGE $OPTNEW $LATEFILE # Load module values . $LATEFILE @@ -1978,7 +1980,7 @@ menu_bootstage_sim() { if [ "$SIMSTAGE" != 2 ]; then before_change OPTNEW=2 - log_handler "Boot stage changed to late_start service." + log_handler "Device simulation boot stage changed to late_start service." replace_fn SIMSTAGE $SIMSTAGE $OPTNEW $LATEFILE # Load module values . $LATEFILE @@ -2007,114 +2009,134 @@ menu_magiskhide_props() { INPUT2="" while true do - ACTIVE="${G} (active)${N}" - DEBUGGABLETXT="" - SECURETXT="" - TYPETXT="" - TAGSTXT="" - SELINUXTXT="" + ITEMCOUNT=0 if [ -z "$INPUT2" ]; then - if [ "$REDEBUGGABLE" == "true" ]; then - DEBUGGABLETXT=$ACTIVE - fi - if [ "$RESECURE" == "true" ]; then - SECURETXT=$ACTIVE - fi - if [ "$RETYPE" == "true" ]; then - TYPETXT=$ACTIVE - fi - if [ "$RETAGS" == "true" ]; then - TAGSTXT=$ACTIVE - fi - if [ "$REBOOTMODE" == "true" ]; then - BOOTMODETXT=$ACTIVE - fi - if [ "$REMODE" == "true" ]; then - MODETXT=$ACTIVE - fi - if [ "$RESELINUX" == "true" ]; then - SELINUXTXT=$ACTIVE - fi menu_header "${C}$1${N}\n Select an option below:" echo "" - echo "Change some of the sensitive props set by MagiskHide." + echo "Set/reset MagiskHide sensitive props." echo "" - echo -e "${G}1${N} - ro.debuggable${DEBUGGABLETXT}" - echo -e "${G}2${N} - ro.secure${SECURETXT}" - echo -e "${G}3${N} - ro.build.type${TYPETXT}" - echo -e "${G}4${N} - ro.build.tags${TAGSTXT}" - echo -e "${G}5${N} - ro.bootmode${BOOTMODETXT}" - echo -e "${G}6${N} - ro.boot.mode${MODETXT}" - if [ "$(getprop ro.build.selinux)" ]; then - echo -e "${G}7${N} - ro.build.selinux${SELINUXTXT}" - fi - if [ "$PROPCOUNT" -lt 5 ]; then - echo -e "${G}a${N} - Change all props" - fi - if [ "$PROPCOUNT" -gt 1 ]; then - echo -e "${G}r${N} - Reset all props" + magiskhide_props_menu "$SAFELIST" + magiskhide_props_menu "$TRIGGERSAFELIST" "trigger" + magiskhide_props_menu "$LATESAFELIST" "late" + if [ "$ITEMCOUNT" == 0 ]; then + echo "None of the sensitive props need" + echo "to be changed on your device." + echo "They are all already set to a safe" + echo "value or does not exist on the device." + echo "" + echo "If you still want to change/set one of" + echo "them, to a value other than the safe" + echo "ones, use the custom props option." + echo "" + if [ "$PROPEDIT" == 1 ]; then + echo "But, this setting is active..." + echo "Do you want to disable this feature?" + echo "(This would save some resources during boot.)" + echo "" + echo -e "${G}y${N} - Yes" + echo -e "${G}n${N} - No" + echo -e "${G}e${N} - Exit" + echo "" + echo "See the module readme or the" + echo "support thread @ XDA for details." + echo "" + echo -n "Enter your desired option: " + read -r INPUT2 + else + echo "Nothing to do... Returning to main menu." + sleep 5 + INPUT="" + break + fi + else + if [ "$PROPCOUNT" -lt $(($ITEMCOUNT-3)) ]; then + echo -e "${G}a${N} - Set all props" + fi + if [ "$PROPCOUNT" -gt 2 ]; then + echo -e "${G}r${N} - Reset all props" + fi + echo -e "${G}s${N} - Boot stage" + echo -e "${G}b${N} - Go back to main menu" + echo -e "${G}e${N} - Exit" + echo "" + echo "Pick several options at once by" + echo "separating inputs with a comma." + echo "Example: 1,3,4" + echo "" + echo "See the module readme or the" + echo "support thread @ XDA for details." + echo "" + echo -n "Enter your desired option: " + read -r INPUT2 fi - echo -e "${G}b${N} - Go back to main menu" - echo -e "${G}e${N} - Exit" - echo "" - echo "Pick several options at once by" - echo "separating inputs with a comma." - echo "Example: 1,3,4" - echo "" - echo "See the module readme or the" - echo "support thread @ XDA for details." - echo "" - echo -n "Enter your desired option: " - read -r INPUT2 fi case "$INPUT2" in *\,*) - if [ -z "$(echo $(echo $INPUT2 | sed 's|\,||g') | tr -d [0-9])" ]; then - menu_change_prop "Change multiple props" $INPUT2 + if [ -z "$(echo $(echo $INPUT2 | sed 's|\,||g') | tr -d [0-9])" ] && [ "$ITEMCOUNT" != 0 ]; then + menu_change_prop "Set multiple props" $INPUT2 else invalid_input 7 2 fi ;; - 1) menu_change_prop "ro.debuggable" $CURRDEBUGGABLE $ORIGDEBUGGABLE $MODULEDEBUGGABLE - ;; - 2) menu_change_prop "ro.secure" $CURRSECURE $ORIGSECURE $MODULESECURE - ;; - 3) menu_change_prop "ro.build.type" $CURRTYPE $ORIGTYPE $MODULETYPE - ;; - 4) menu_change_prop "ro.build.tags" $CURRTAGS $ORIGTAGS $MODULETAGS - ;; - 5) menu_change_prop "ro.bootmode" $CURRBOOTMODE $ORIGBOOTMODE $MODULEBOOTMODE - ;; - 6) menu_change_prop "ro.boot.mode" $CURRMODE $ORIGMODE $MODULEMODE + a|A) + if [ "$PROPCOUNT" -lt $(($ITEMCOUNT-3)) ] && [ "$ITEMCOUNT" != 0 ]; then + menu_change_prop "Set all props" + else + invalid_input 1 2 + fi ;; - 7) - if [ "$(getprop ro.build.selinux)" ]; then - menu_change_prop "ro.build.selinux" $CURRSELINUX $ORIGSELINUX $MODULESELINUX + r|R) + if [ "$PROPCOUNT" -gt 2 ] && [ "$ITEMCOUNT" != 0 ]; then + menu_reset_prop_all "Reset all props" else invalid_input 1 2 fi ;; - a|A) - if [ "$PROPCOUNT" -lt 5 ]; then - menu_change_prop "Change all props" + b|B) + if [ "$ITEMCOUNT" != 0 ]; then + INPUT="" + break else invalid_input 1 2 fi ;; - r|R) - if [ "$PROPCOUNT" -gt 1 ]; then + y|Y) + if [ "$ITEMCOUNT" == 0 ]; then menu_reset_prop_all "Reset all props" + INPUT2="" + break else invalid_input 1 2 fi ;; - b|B) - INPUT="" - break + n|N) + if [ "$ITEMCOUNT" == 0 ]; then + INPUT="" + break + else + invalid_input 1 2 + fi ;; e|E) exit_fn ;; - *) invalid_input 1 2 + *) + if [ "$INPUT2" -ge 1 -a "$INPUT2" -lt "$ITEMCOUNT" ] && [ "$ITEMCOUNT" != 0 ]; then + ITEMCOUNT=1 + for ITEM in $SAFELIST$TRIGGERSAFELIST$LATESAFELIST; do + CURRVALUE=$(eval "echo \$$(echo "CURR$(get_prop_type $(get_eq_left "$ITEM"))" | tr '[:lower:]' '[:upper:]')") + ORIGVALUE=$(eval "echo \$$(echo "ORIG$(get_prop_type $(get_eq_left "$ITEM"))" | tr '[:lower:]' '[:upper:]')") + MODULEVALUE=$(eval "echo \$$(echo "MODULE$(get_prop_type $(get_eq_left "$ITEM"))" | tr '[:lower:]' '[:upper:]')") + if [ "$ORIGVALUE" ] && [ "$(get_eq_right "$ITEM")" != "$ORIGVALUE" ]; then + if [ "$ITEMCOUNT" == "$INPUT2" ]; then + menu_change_prop "$(get_eq_left "$ITEM")" "$CURRVALUE" "$ORIGVALUE" "$MODULEVALUE" + break + fi + ITEMCOUNT=$(($ITEMCOUNT+1)) + fi + done + else + invalid_input 1 2 + fi ;; esac done @@ -2128,69 +2150,89 @@ menu_change_prop() { if [ -z "$INPUT3" ]; then menu_header "${C}$1${N}" echo "" - if [ "$1" == "Change multiple props" ]; then + if [ "$1" == "Set multiple props" ]; then TMPITEMS="" CNT=1 TMPLST=$(echo $2 | sed 's|\,| |g') - for ITEM in $PROPSLIST; do - for INT in $TMPLST; do - case $INT in - 7) - if [ "$(getprop ro.build.selinux)" ]; then - if [ "$INT" == "$CNT" ]; then - if [ "$TMPITEMS" ]; then - TMPITEMS="$TMPITEMS $ITEM" - else - TMPITEMS="$ITEM" - fi - fi - fi - ;; - *) - if [ "$INT" == "$CNT" ]; then - if [ "$TMPITEMS" ]; then - TMPITEMS="$TMPITEMS $ITEM" - else - TMPITEMS="$ITEM" - fi + for ITEM in $SAFELIST$TRIGGERSAFELIST$LATESAFELIST; do + ORIGVALUE=$(eval "echo \$$(echo "ORIG$(get_prop_type $(get_eq_left "$ITEM"))" | tr '[:lower:]' '[:upper:]')") + if [ "$ORIGVALUE" ] && [ "$(get_eq_right "$ITEM")" != "$ORIGVALUE" ]; then + for INT in $TMPLST; do + if [ "$INT" == "$CNT" ]; then + if [ "$TMPITEMS" ]; then + TMPITEMS="$TMPITEMS $(get_eq_left "$ITEM")" + else + TMPITEMS=$(get_eq_left "$ITEM") fi - ;; - esac - done - CNT=$(($CNT+1)) + fi + done + CNT=$(($CNT+1)) + fi done echo "Do you want to change the" echo "following props:" echo "" - echo -e "${C}$(echo $TMPITEMS | sed 's| |\n|g')${N}" - elif [ "$1" == "Change all props" ]; then - echo "Do you want to change all" + for ITEM in $TMPITEMS; do + CURRVALUE=$(eval "echo \$$(echo "CURR$(get_prop_type $(get_eq_left "$ITEM"))" | tr '[:lower:]' '[:upper:]')") + safe_props $ITEM $CURRVALUE + if [ "$SAFE" == 1 ]; then + SAFETXT=" (currently set to a safe value)" + else + SAFETXT=" (currently set to a triggering value)" + fi + echo -e ${C}$ITEM${N}$SAFETXT + done + elif [ "$1" == "Set all props" ]; then + echo "Do you want to set all" echo "MagiskHide sensitive props?" - TMPITEMS=$PROPSLIST + TMPITEMS=$PROPSLIST$TRIGGERPROPS$LATEPROPS else - PROP=$(get_prop_type "$1") - REPROP=$(echo "RE${PROP}" | tr '[:lower:]' '[:upper:]') + REPROP=$(echo "RE$(get_prop_type "$1")" | tr '[:lower:]' '[:upper:]') # Checks if the prop exists if [ "$2" ]; then + CTRLTRIGG=false + for TRIGG in $TRIGGERPROPS; do + if [ "$TRIGG" == "$1" ]; then + CTRLTRIGG=true + break + fi + done if [ "$4" ] && [ "$(get_file_value $LATEFILE "${REPROP}=")" == "true" ]; then - PROPMODULETXT=", by this module" - BACKTXT=" back" + if [ "$CTRLTRIGG" == "false" ]; then + PROPMODULETXT=", by this module" + BACKTXT=" back" + else + PROPMODULETXT="${G}active${N}" + BACKTXT="${R}deactivate${N}" + fi else - PROPMODULETXT="" - BACKTXT="" - fi - echo -e "Currently set to ${C}$2${N}${PROPMODULETXT}." - if [ "$2" != "$3" ]; then - echo -e "The original value is ${C}$3${N}." + if [ "$CTRLTRIGG" == "false" ]; then + PROPMODULETXT="" + BACKTXT="" + else + PROPMODULETXT="${R}deactivated${N}" + BACKTXT="${G}activate${N}" + fi fi - echo "" - safe_props "$1" $2 - change_to "$1" $2 - if [ "$SAFE" == 1 ]; then - echo "You currently have the safe value set." - echo -e "Are you sure you want to change it$BACKTXT to ${C}$CHANGE${N}?" + if [ "$CTRLTRIGG" == "false" ]; then + echo -e "Currently set to ${C}$2${N}${PROPMODULETXT}." + if [ "$2" != "$3" ]; then + echo -e "The original value is ${C}$3${N}." + fi + echo "" + safe_props "$1" "$2" + change_to "$1" "$2" + if [ "$SAFE" == 1 ]; then + echo "You currently have the safe value set." + echo -e "Are you sure you want to change it$BACKTXT to ${C}$CHANGE${N}?" + else + echo -e "Do you want to change it${BACKTXT} to ${C}$CHANGE${N}?" + fi else - echo -e "Do you want to change it${BACKTXT} to ${C}$CHANGE${N}?" + echo -e "Changing of ${C}$1${N} when" + echo -e "containing triggering value is $PROPMODULETXT." + echo "" + echo -e "Are you sure you want to $BACKTXT it." fi else echo "This prop doesn't currently exist on your system." @@ -2207,13 +2249,16 @@ menu_change_prop() { fi case "$INPUT3" in y|Y) - if [ "$1" == "Change multiple props" ] || [ "$1" == "Change all props" ]; then + if [ "$1" == "Set multiple props" ] || [ "$1" == "Set all props" ]; then for ITEM in $TMPITEMS; do - PROP=$(get_prop_type "$ITEM") - CURRPROP=$(echo "CURR${PROP}" | tr '[:lower:]' '[:upper:]') - TMPVAL="$(eval "echo \$$CURRPROP")" - change_to "$ITEM" $TMPVAL - change_prop "$ITEM" $CHANGE "none" + CURRVALUE=$(eval "echo \$$(echo "CURR$(get_prop_type $(get_eq_left "$ITEM"))" | tr '[:lower:]' '[:upper:]')") + safe_props "$ITEM" $CURRVALUE + if [ "$SAFE" == 1 ] && [ "$1" != "Set all props" ]; then + reset_prop "$ITEM" "none" + else + change_to "$ITEM" $CURRVALUE + change_prop "$ITEM" $CHANGE "none" + fi . $LATEFILE done after_change "$1" @@ -2245,8 +2290,8 @@ menu_reset_prop_all() { if [ -z "$INPUT3" ]; then menu_header "${C}$1${N}" echo "" - echo "This will reset all prop" - echo "values to default values." + echo "This will reset all prop values" + echo "to the default device values." echo "" echo "Do you want to continue?" echo "" @@ -2280,7 +2325,7 @@ menu_reset_prop() { menu_header "${C}$1${N}" echo "" echo "This will reset $2" - echo "to it's default value." + echo "to it's default device value." echo "" echo "Do you want to continue?" echo "" @@ -2305,6 +2350,93 @@ menu_reset_prop() { done } +# Third menu level - Boot stage, $1=header +menu_bootstage_prop() { + INPUT3="" + while true + do + if [ -z "$INPUT3" ]; then + if [ "$PROPBOOT" == 0 ]; then + CURRTXT="default" + TMPTXT="${C}post-fs-data${N} or ${C}late_start sevice${N}" + CHOICETXT="${G}p${N}(ost), ${G}l${N}(ate)" + elif [ "$PROPBOOT" == 1 ]; then + CURRTXT="post-fs-data" + TMPTXT="${C}default${N} or ${C}late_start service${N}" + CHOICETXT="${G}d${N}(efault), ${G}l${N}(ate)" + elif [ "$PROPBOOT" == 2 ]; then + CURRTXT="late_start service" + TMPTXT="${C}default${N} or ${C}post-fs-data${N}" + CHOICETXT="${G}d${N}(efault), ${G}p${N}(post)" + fi + menu_header "${C}$1${N}" + echo "" + echo -e "Current boot stage is ${G}$CURRTXT${N}." + echo "" + echo "Do you want to change it to" + echo -e "$TMPTXT?" + echo "" + echo -en "Enter $CHOICETXT, ${G}b${N}(ack) or ${G}e${N}(xit): " + read -r INPUT3 + fi + case "$INPUT3" in + d|D) + if [ "$PROPBOOT" != 0 ]; then + before_change + OPTNEW=0 + log_handler "MagiskHide props boot stage changed to default." + replace_fn PROPBOOT $PROPBOOT $OPTNEW $LATEFILE + # Load module values + . $LATEFILE + INPUT2="" + after_change "$1" + break + else + invalid_input 1 3 + fi + ;; + p|P) + if [ "$PROPBOOT" != 1 ]; then + before_change + OPTNEW=1 + log_handler "MagiskHide props boot stage changed to post-fs-data." + replace_fn PROPBOOT $PROPBOOT $OPTNEW $LATEFILE + # Load module values + . $LATEFILE + INPUT2="" + after_change "$1" + break + else + invalid_input 1 3 + fi + ;; + l|L) + if [ "$PROPBOOT" != 2 ]; then + before_change + OPTNEW=2 + log_handler "MagiskHide props boot stage changed to late_start service." + replace_fn PROPBOOT $PROPBOOT $OPTNEW $LATEFILE + # Load module values + . $LATEFILE + INPUT2="" + after_change "$1" + break + else + invalid_input 1 3 + fi + ;; + b|B) + INPUT2="" + break + ;; + e|E) exit_fn + ;; + *) invalid_input 1 3 + ;; + esac + done +} + # ======================== Custom Props ======================== # Second menu level - Custom props, $1=Header menu_custom_props() { @@ -2578,7 +2710,11 @@ menu_new_custprop() { ""|[[:blank:]]*) blank_input 3 ;; *) - if [ "$(echo $PROPSLIST | grep -Eo "(^| )$INPUT3($| )")" ] || [ "$(echo $CUSTOMPROPSLIST | grep -Eo "(^| )$INPUT3($| )")" ]; then + PROP=$(get_prop_type $INPUT3) + REPROP=$(echo "RE${PROP}" | tr '[:lower:]' '[:upper:]') + ORIGPROP=$(echo "ORIG${PROP}" | tr '[:lower:]' '[:upper:]') + MODULEPROP=$(echo "MODULE${PROP}" | tr '[:lower:]' '[:upper:]') + if [ "$(eval "echo \$$REPROP")" == "true" ] && [ "$(eval "echo \$$ORIGPROP")" ] && [ "$(eval "echo \$$MODULEPROP")" ] || [ "$(echo $CUSTOMPROPSLIST | grep -Eo "(^| )$INPUT3($| )")" ]; then menu_magiskhide_custprop "$INPUT3" else menu_set_new_custprop "$INPUT3" @@ -2632,27 +2768,51 @@ menu_magiskhide_custprop() { if [ -z "$INPUT4" ]; then menu_header "${C}$1${N}" echo "" - if [ "$(echo $PROPSLIST | grep -o $1)" ]; then - echo -e "${C}$1${N} is" - echo "one of the sensitive props already set" - echo "by MagiskHide. No need to do it again." - else + if [ "$(echo "$CUSTOMPROPSLIST" | grep -o $1)" ]; then + TMPCHK="b" echo -e "${C}$1${N} is" echo "already on your list of custom props." echo "No need to set it again." + echo "" + echo -e "${G}b${N} - Go back" + else + TMPCHK="n" + echo -e "${C}$1${N} is" + echo "one of the sensitive props that can be" + echo "set by the MagiskHide props option." + echo "Are you sure you want to proceed?" + echo "" + echo -e "${G}y${N} - Yes" + echo -e "${G}n${N} - No" fi - echo "" - echo -e "${G}b${N} - Go back" echo -e "${G}e${N} - Exit" echo "" echo -n "Enter your desired option: " read -r INPUT4 fi case "$INPUT4" in - b|B) + y|Y) + menu_set_new_custprop "$1" + INPUT2="" INPUT3="" break ;; + n|N) + if [ "$TMPCHK" == "n" ]; then + INPUT3="" + break + else + invalid_input 1 4 + fi + ;; + b|B) + if [ "$TMPCHK" == "b" ]; then + INPUT3="" + break + else + invalid_input 1 4 + fi + ;; e|E) exit_fn ;; *) invalid_input 1 4 @@ -4153,16 +4313,22 @@ do elif [ "$PRINTEDIT" == 1 ]; then PRINTTXT=$ACTIVE fi - #if [ "$BASICATTEST" == 1 ]; then - # BASICTXT=$ACTIVE - #fi + if [ "$BASICATTEST" == 1 ]; then + BASICTXT=$ACTIVE + fi if [ "$FINGERPRINTENB" == 0 ] || [ "$PRINTEDIT" == 0 ]; then DEVTXT=$DISABLED elif [ "$DEVSIM" == 1 ] && [ "$BRANDSET" == 1 ] || [ "$NAMESET" == 1 ] || [ "$DEVICESET" == 1 ] || [ "$RELEASESET" == 1 ] || [ "$IDSET" == 1 ] || [ "$INCREMENTALSET" == 1 ] || [ "$SDKSET" == 1 ] || [ "$DISPLAYSET" == 1 ]; then DEVTXT=$ACTIVE fi if [ "$PROPEDIT" == 1 ]; then - PROPTXT=$ACTIVE + ITEMCOUNT=0 + magiskhide_props_menu "$SAFELIST" "" "count" + magiskhide_props_menu "$TRIGGERSAFELIST" "trigger" "count" + magiskhide_props_menu "$LATESAFELIST" "late" "count" + if [ "$ITEMCOUNT" != 0 ]; then + PROPTXT=$ACTIVE + fi fi if [ "$CUSTOMEDIT" == 1 ]; then CUSTTXT=$ACTIVE @@ -4180,13 +4346,13 @@ do fi fi echo -e "${G}1${N} - Edit device fingerprint${PRINTTXT}" - # echo -e "${G}2${N} - Force BASIC key attestation${BASICTXT}" # Google once again changed their SN checks. This is no longer viable. Will remove completely in future. - echo -e "${G}2${N} - Device simulation${DEVTXT}" - echo -e "${G}3${N} - Edit MagiskHide props${PROPTXT}" - echo -e "${G}4${N} - Add/edit custom props${CUSTTXT}" - echo -e "${G}5${N} - Delete prop values${DELTXT}" - echo -e "${G}6${N} - Script settings" - echo -e "${G}7${N} - Collect logs" + echo -e "${G}2${N} - Force BASIC key attestation${BASICTXT}" # Google once again changed their SN checks. This is no longer viable. Will remove completely in future. + echo -e "${G}3${N} - Device simulation${DEVTXT}" + echo -e "${G}4${N} - Edit MagiskHide props${PROPTXT}" + echo -e "${G}5${N} - Add/edit custom props${CUSTTXT}" + echo -e "${G}6${N} - Delete prop values${DELTXT}" + echo -e "${G}7${N} - Script settings" + echo -e "${G}8${N} - Collect logs" if [ -z "$UPDATECHECK" ]; then echo -e "${G}u${N} - Perform module update check" fi @@ -4213,19 +4379,19 @@ do case "$INPUT" in 1) menu_change_fingerprint "Edit device fingerprint${PRINTTXT}" $CURRFINGERPRINT $ORIGFINGERPRINT $MODULEFINGERPRINT ;; - # 2) menu_force_basic "Force BASIC key attestation${BASICTXT}" # Google once again changed their SN checks. This is no longer viable. Will remove completely in future. - # ;; - 2) menu_dev_sim "Device simulation${DEVTXT}" + 2) menu_force_basic "Force BASIC key attestation${BASICTXT}" # Google once again changed their SN checks. This is no longer viable. Will remove completely in future. + ;; + 3) menu_dev_sim "Device simulation${DEVTXT}" ;; - 3) menu_magiskhide_props "MagiskHide props${PROPTXT}" + 4) menu_magiskhide_props "MagiskHide props${PROPTXT}" ;; - 4) menu_custom_props "Custom props${CUSTTXT}" + 5) menu_custom_props "Custom props${CUSTTXT}" ;; - 5) menu_delete_props "Delete props${DELTXT}" + 6) menu_delete_props "Delete props${DELTXT}" ;; - 6) menu_options "Script settings" + 7) menu_options "Script settings" ;; - 7) menu_logs "Collect logs" + 8) menu_logs "Collect logs" ;; u|U) if [ -z "$UPDATECHECK" ]; then diff --git a/uninstall.sh b/uninstall.sh index c3051f2..f4d7783 100644 --- a/uninstall.sh +++ b/uninstall.sh @@ -1,7 +1,7 @@ #!/system/bin/sh # MagiskHide Props Config -# Copyright (c) 2018-2020 Didgeridoohan @ XDA Developers +# Copyright (c) 2018-2021 Didgeridoohan @ XDA Developers # Licence: MIT # Uninstalls the module settings file and directory in Magisk's secure directory