-
Notifications
You must be signed in to change notification settings - Fork 18
/
fakemurk.sh.pre
executable file
·237 lines (207 loc) · 6.23 KB
/
fakemurk.sh.pre
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
#include "fakemurk_lib.sh.pre"
drop_image_patcher(){
base64 -d <<-EOF | bunzip2 -dc >"$ROOT/sbin/image_patcher.sh"
#include "image_patcher.sh.b64"
EOF
chmod 777 "$ROOT/sbin/image_patcher.sh"
}
is_target_booted() {
[ -z "$COMPAT" ] && [ "$(get_booted_kernnum)" == "$TGT_KERNNUM" ]
}
opposite_num() {
if [ "$1" == "2" ]; then
echo -n 4
elif [ "$1" == "4" ]; then
echo -n 2
elif [ "$1" == "3" ]; then
echo -n 5
elif [ "$1" == "5" ]; then
echo -n 3
else
return 1
fi
}
prepare_target_root() {
sleep 2
if verity_enabled_for_n "$TGT_KERNNUM"; then
echo "removing rootfs verification on target kernel $TGT_KERN_DEV"
/usr/share/vboot/bin/make_dev_ssd.sh --remove_rootfs_verification --partitions "$TGT_KERNNUM" -i "$DST" 2>/dev/null
if is_target_booted; then
# if we're booted from the target kernel, we need to reboot. this is a pretty rare circumstance
cat <<-EOF
ROOTFS VERIFICATION SUCCESSFULLY REMOVED
IN ORDER TO PROCCEED, THE CHROMEBOOK MUST BE REBOOTED
PRESS ENTER TO REBOOT, THEN ONCE BOOTED RUN THIS SCRIPT AGAIN
EOF
swallow_stdin
read -r
reboot
leave
fi
fi
if ! is_target_booted; then
mkdir /tmp/rootmnt
mount "$TGT_ROOT_DEV" /tmp/rootmnt
ROOT=/tmp/rootmnt
else
ROOT=
fi
}
get_largest_cros_blockdev() {
local largest size dev_name tmp_size remo
size=0
for blockdev in /sys/block/"${dev%n*}"*; do
dev_name="${blockdev##*/}"
echo "$dev_name" | grep -q '^\(loop\|ram\)' && continue
tmp_size=$(cat "$blockdev"/size)
remo=$(cat "$blockdev"/removable)
if [ "$tmp_size" -gt "$size" ] && [ "${remo:-0}" -eq 0 ]; then
case "$(sfdisk -l -o name "/dev/$dev_name" 2>/dev/null)" in
*STATE*KERN-A*ROOT-A*KERN-B*ROOT-B*)
largest="/dev/$dev_name"
size="$tmp_size"
;;
esac
fi
done
echo "$largest"
}
verity_enabled_for_n() {
grep -q "root=/dev/dm" <"${DST}p${1}"
}
get_booted_kernnum() {
# for some reason priorities can be like 2 and 1 instead of just 0 and 1???
if (($(cgpt show -n "$DST" -i 2 -P) > $(cgpt show -n "$DST" -i 4 -P))); then
echo -n 2
else
echo -n 4
fi
}
cleanup() {
if [ "$COMPAT" == "1" ]; then
echo "pressure washing..."
yes | mkfs.ext4 "${DST}p1" >/dev/null 2>&1 || : # hope you didn't have anything valuable on there
fi
cvpd -i RW_VPD -s check_enrollment=1 2>/dev/null
cvpd -i RW_VPD -s block_devmode=0 2>/dev/null
csys block_devmode=0 2>/dev/null
}
set_kernel_priority() {
cgpt add "$DST" -i 4 -P 0
cgpt add "$DST" -i 2 -P 0
cgpt add "$DST" -i "$TGT_KERNNUM" -P 1
}
configure_target() {
# remember, the goal here is to end up with one kernel that can be patched, and one kernel for the revert function.
# we prioritize the non booted kernel so a reboot isn't needed
DST="$(get_largest_cros_blockdev)"
if [ "$DST" == "" ]; then
echo "No CrOS SSD found on device!"
leave
fi
if verity_enabled_for_n 2 && verity_enabled_for_n 4; then
TGT_KERNNUM=
elif verity_enabled_for_n 2; then
TGT_KERNNUM=4
elif verity_enabled_for_n 4; then
TGT_KERNNUM=2
else
TGT_KERNNUM=
if [ "$ROOTFS_BACKUP" == "1" ]; then
echo "Rootfs restore is requested to be enabled, but both partitions have rootfs verification disabled. Please go through the recovery process to enable rootfs verification or run again and do not choose to enable rootfs restore."
leave
fi
fi
if [ "$TGT_KERNNUM" != "2" ] && [ "$TGT_KERNNUM" != "4" ]; then
if [ "$COMPAT" == "1" ]; then
TGT_KERNNUM=2
else
TGT_KERNNUM=$(opposite_num "$(get_booted_kernnum)")
fi
fi
TGT_ROOTNUM=$((TGT_KERNNUM + 1))
TGT_KERN_DEV="${DST}p$TGT_KERNNUM"
TGT_ROOT_DEV="${DST}p$TGT_ROOTNUM"
ALT_ROOTNUM=$(opposite_num "$TGT_ROOTNUM")
ALT_KERNNUM=$(opposite_num "$TGT_KERNNUM")
ALT_KERN_DEV="${DST}p$ALT_KERNNUM"
ALT_ROOT_DEV="${DST}p$ALT_ROOTNUM"
echo "target kern is $TGT_KERNNUM@$TGT_KERN_DEV"
echo "target root is $TGT_ROOTNUM@$TGT_ROOT_DEV"
echo
echo "backup kern is $ALT_KERNNUM@$ALT_KERN_DEV"
echo "backup root is $ALT_ROOTNUM@$ALT_ROOT_DEV"
}
patch_root() {
echo "disabling autoupdates"
disable_autoupdates
drop_cr50_update
sleep 2
echo "dropping crossystem.sh"
mv "$ROOT/usr/bin/crossystem" "$ROOT/usr/bin/crossystem.old"
drop_crossystem_sh
echo "staging sshd"
sleep 2
echo "dropping pollen"
drop_pollen
sleep 2
echo "preventing stateful bootloop"
drop_startup_patch
if [ "$COMPAT" == "1" ]; then
touch "$ROOT/stateful_unfucked"
fi
echo "installing mush shell"
drop_mush
sleep 2
echo "dropping fakemurk daemon"
drop_daemon
echo "preparing ausystem"
drop_ssd_util
drop_image_patcher
if [ "$DEVBUILD" == "1" ]; then
devbuild_patchroot
fi
}
main() {
traps
fakemurk_info
config
if csys mainfw_type?recovery; then
echo "Entering shim compatability mode"
COMPAT=1
stty sane
sleep 1
fi
# make sure it doesn't accidentally brick
crossystem dev_boot_signed_only=0
echo "----- stage 1: grabbing disk configuration -----"
configure_target
sleep 2
echo "----- stage 2: patching target rootfs -----"
prepare_target_root
patch_root
sync
sleep 2
echo "----- stage 3: cleaning up -----"
cleanup
sleep 1
echo "setting kernel priority"
set_kernel_priority
sleep 1
echo "done! press enter to reboot, and your chromebook should enroll into management when rebooted, but stay hidden in devmode"
swallow_stdin
read -r
reboot
leave
}
if [ "$0" = "$BASH_SOURCE" ]; then
stty sane
# if [ "$SHELL" != "/bin/bash" ]; then
# echo "hey! you ran this with \"sh\" (or some other shell). i would really prefer if you ran it with \"bash\" instead"
# fi
if [ "$EUID" -ne 0 ]; then
echo "Please run as root"
exit
fi
main
fi