#!/system/bin/sh

MODDIR=/magisk/.core/magiskhide
BINPATH=/magisk/.core/bin
LOGFILE=/cache/magisk.log
TOOLPATH=/dev/busybox

log_print() {
  echo "MagiskHide: $1"
  echo "MagiskHide: $1" >> $LOGFILE
  log -p i -t Magisk "MagiskHide: $1"
}

# Only enable when isn't started
$TOOLPATH/ps | grep "magiskhide --daemon" | grep -v grep >/dev/null 2>&1 && exit

if [ ! -d /sbin_orig ]; then
  log_print "Moving and re-linking /sbin binaries"
  mount -o rw,remount rootfs /
  mv -f /sbin /sbin_orig
  mkdir /sbin
  mount -o ro,remount rootfs /
  mkdir -p /dev/sbin_bind
  chmod 755 /dev/sbin_bind
  ln -s /sbin_orig/* /dev/sbin_bind
  chcon -h u:object_r:system_file:s0 /dev/sbin_bind /dev/sbin_bind/*
  mount -o bind /dev/sbin_bind /sbin
fi

log_print "Removing dangerous read-only system props"

VERIFYBOOT=`getprop ro.boot.verifiedbootstate`
FLASHLOCKED=`getprop ro.boot.flash.locked`
VERITYMODE=`getprop ro.boot.veritymode`
KNOX1=`getprop ro.boot.warranty_bit`
KNOX2=`getprop ro.warranty_bit`
DEBUGGABLE=`getprop ro.debuggable`
SECURE=`getprop ro.secure`

[ ! -z "$VERIFYBOOT" -a "$VERIFYBOOT" != "green" ] && \
log_print "`$BINPATH/resetprop -v -n ro.boot.verifiedbootstate green`"
[ ! -z "$FLASHLOCKED" -a "$FLASHLOCKED" != "1" ] && \
log_print "`$BINPATH/resetprop -v -n ro.boot.flash.locked 1`"
[ ! -z "$VERITYMODE" -a "$VERITYMODE" != "enforcing" ] && \
log_print "`$BINPATH/resetprop -v -n ro.boot.veritymode enforcing`"
[ ! -z "$KNOX1" -a "$KNOX1" != "0" ] && \
log_print "`$BINPATH/resetprop -v -n ro.boot.warranty_bit 0`"
[ ! -z "$KNOX2" -a "$KNOX2" != "0" ] && \
log_print "`$BINPATH/resetprop -v -n ro.warranty_bit 0`"
[ ! -z "$DEBUGGABLE" -a "$DEBUGGABLE" != "0" ] && \
log_print "`$BINPATH/resetprop -v -n ro.debuggable 0`"
[ ! -z "$SECURE" -a "$SECURE" != "1" ] && \
log_print "`$BINPATH/resetprop -v -n ro.secure 1`"

touch $MODDIR/hidelist
chmod -R 755 $MODDIR
# Add Safety Net preset
$MODDIR/add com.google.android.gms.unstable

while read PROCESS; do
  log_print "Killing $PROCESS"
  set --
  set `$TOOLPATH/ps -o pid,args | grep "$PROCESS" | grep -v grep` >/dev/null
  [ ! -z "$1" ] && kill "$1"
done < $MODDIR/hidelist

log_print "Starting MagiskHide daemon"
($BINPATH/magiskhide --daemon)
