Switch hooking method to Dobby

- Android 14 QPR2 (currently in Beta and due for Stable in March) breaks ShadowHook libc hooking needed for property spoofing - there are currently no signs of life over at ShadowHook to resolve this despite my reporting it to them over a month ago Co-authored-by: Nicholas Bissell <thefreeman193@hotmail.com> Co-authored-by: chiteroman <98092901+chiteroman@users.noreply.github.com>
2025-09-06 06:37:06 +00:00 · 2024-01-15 23:05:18 -04:00
parent 802c0a7617
commit 475185c3ee
11 changed files with 46 additions and 66 deletions
--- a/.gitmodules
+++ b/.gitmodules
@@ -1,6 +1,3 @@
-[submodule "libcxx"]
-	path = app/src/main/cpp/libcxx
-	url = https://github.com/topjohnwu/libcxx.git
-[submodule "shadowhook"]
-	path = app/src/main/cpp/shadowhook
-	url = https://github.com/bytedance/android-inline-hook
+[submodule "Dobby"]
+	path = app/src/main/cpp/Dobby
+	url = https://github.com/jmpews/Dobby
--- a/.idea/vcs.xml
+++ b/.idea/vcs.xml
@@ -2,6 +2,6 @@
 <project version="4">
  <component name="VcsDirectoryMappings">
    <mapping directory="" vcs="Git" />
-    <mapping directory="$PROJECT_DIR$/app/src/main/cpp/libcxx" vcs="Git" />
+    <mapping directory="$PROJECT_DIR$/app/src/main/cpp/Dobby" vcs="Git" />
  </component>
-</project>
+</project>
--- a/app/build.gradle.kts
+++ b/app/build.gradle.kts
@@ -8,6 +8,17 @@ android {
    ndkVersion = "26.1.10909125"
    buildToolsVersion = "34.0.0"

+    buildFeatures {
+        prefab = true
+    }
+
+    packaging {
+        jniLibs {
+            excludes += "**/liblog.so"
+            excludes += "**/libdobby.so"
+        }
+    }
+
    defaultConfig {
        applicationId = "es.chiteroman.playintegrityfix"
        minSdk = 26
@@ -16,10 +27,15 @@ android {
        versionName = "1.0"

        externalNativeBuild {
-            ndk {
-                jobs = Runtime.getRuntime().availableProcessors()
-                abiFilters += "armeabi-v7a"
-                abiFilters += "arm64-v8a"
+            cmake {
+                arguments += "-DANDROID_STL=none"
+                arguments += "-DCMAKE_BUILD_TYPE=Release"
+
+                cppFlags += "-std=c++20"
+                cppFlags += "-fno-exceptions"
+                cppFlags += "-fno-rtti"
+                cppFlags += "-fvisibility=hidden"
+                cppFlags += "-fvisibility-inlines-hidden"
            }
        }
    }
@@ -38,12 +54,17 @@ android {
    }

    externalNativeBuild {
-        ndkBuild {
-            path = file("src/main/cpp/Android.mk")
+        cmake {
+            path = file("src/main/cpp/CMakeLists.txt")
+            version = "3.22.1"
        }
    }
 }

+dependencies {
+    implementation("dev.rikka.ndk.thirdparty:cxx:1.2.0")
+}
+
 tasks.register("copyFiles") {
    doLast {
        val moduleFolder = project.rootDir.resolve("module")
--- a/app/src/main/cpp/Android.mk
+++ b/app/src/main/cpp/Android.mk
@@ -1,33 +0,0 @@
-LOCAL_PATH := $(call my-dir)
-
-include $(CLEAR_VARS)
-LOCAL_MODULE := zygisk
-LOCAL_SRC_FILES := main.cpp
-LOCAL_C_INCLUDES := $(LOCAL_PATH)
-
-LOCAL_SRC_FILES += $(wildcard $(LOCAL_PATH)/shadowhook/shadowhook/src/main/cpp/*.c)
-LOCAL_SRC_FILES += $(wildcard $(LOCAL_PATH)/shadowhook/shadowhook/src/main/cpp/common/*.c)
-LOCAL_SRC_FILES += $(wildcard $(LOCAL_PATH)/shadowhook/shadowhook/src/main/cpp/third_party/xdl/*.c)
-
-LOCAL_C_INCLUDES += $(LOCAL_PATH)/shadowhook/shadowhook/src/main/cpp
-LOCAL_C_INCLUDES += $(LOCAL_PATH)/shadowhook/shadowhook/src/main/cpp/common
-LOCAL_C_INCLUDES += $(LOCAL_PATH)/shadowhook/shadowhook/src/main/cpp/include
-LOCAL_C_INCLUDES += $(LOCAL_PATH)/shadowhook/shadowhook/src/main/cpp/third_party/bsd
-LOCAL_C_INCLUDES += $(LOCAL_PATH)/shadowhook/shadowhook/src/main/cpp/third_party/lss
-LOCAL_C_INCLUDES += $(LOCAL_PATH)/shadowhook/shadowhook/src/main/cpp/third_party/xdl
-
-ifeq ($(TARGET_ARCH_ABI),armeabi-v7a)
-  LOCAL_SRC_FILES += $(wildcard $(LOCAL_PATH)/shadowhook/shadowhook/src/main/cpp/arch/arm/*.c)
-  LOCAL_C_INCLUDES += $(LOCAL_PATH)/shadowhook/shadowhook/src/main/cpp/arch/arm
-endif
-
-ifeq ($(TARGET_ARCH_ABI),arm64-v8a)
-  LOCAL_SRC_FILES += $(wildcard $(LOCAL_PATH)/shadowhook/shadowhook/src/main/cpp/arch/arm64/*.c)
-  LOCAL_C_INCLUDES += $(LOCAL_PATH)/shadowhook/shadowhook/src/main/cpp/arch/arm64
-endif
-
-LOCAL_STATIC_LIBRARIES := libcxx
-LOCAL_LDLIBS := -llog
-include $(BUILD_SHARED_LIBRARY)
-
-include $(LOCAL_PATH)/libcxx/Android.mk
--- a/app/src/main/cpp/Application.mk
+++ b/app/src/main/cpp/Application.mk
@@ -1,3 +0,0 @@
-APP_STL      := none
-APP_CFLAGS   := -Oz -fno-exceptions -fno-rtti -fvisibility=hidden -fvisibility-inlines-hidden
-APP_CPPFLAGS := -std=c++20
--- a/app/src/main/cpp/CMakeLists.txt
+++ b/app/src/main/cpp/CMakeLists.txt
@@ -2,14 +2,14 @@ cmake_minimum_required(VERSION 3.22.1)

 project(zygisk)

-include_directories(${CMAKE_SOURCE_DIR}/libcxx/include)
+find_package(cxx REQUIRED CONFIG)

-link_libraries(${CMAKE_SOURCE_DIR}/libcxx/${CMAKE_ANDROID_ARCH_ABI}.a)
+link_libraries(cxx::cxx)

 add_library(${CMAKE_PROJECT_NAME} SHARED ${CMAKE_SOURCE_DIR}/main.cpp)

+add_subdirectory(Dobby)
+
 SET_OPTION(Plugin.Android.BionicLinkerUtil ON)

-target_compile_features(${CMAKE_PROJECT_NAME} PRIVATE c_std_23 cxx_std_23)
-
-target_link_libraries(${CMAKE_PROJECT_NAME} PRIVATE log)
+target_link_libraries(${CMAKE_PROJECT_NAME} PRIVATE log dobby_static)
--- a/app/src/main/cpp/Dobby
+++ b/app/src/main/cpp/Dobby
--- a/app/src/main/cpp/libcxx
+++ b/app/src/main/cpp/libcxx
--- a/app/src/main/cpp/main.cpp
+++ b/app/src/main/cpp/main.cpp
@@ -3,7 +3,7 @@
 #include <unistd.h>

 #include "zygisk.hpp"
-#include "shadowhook.h"
+#include "dobby.h"
 #include "json.hpp"

 #define LOGD(...) __android_log_print(ANDROID_LOG_DEBUG, "PIF/Native", __VA_ARGS__)
@@ -67,18 +67,17 @@ static void my_system_property_read_callback(const prop_info *pi, T_Callback cal
 }

 static void doHook() {
-    shadowhook_init(SHADOWHOOK_MODE_UNIQUE, false);
-    void *handle = shadowhook_hook_sym_name(
-            "libc.so",
-            "__system_property_read_callback",
-            reinterpret_cast<void *>(my_system_property_read_callback),
-            reinterpret_cast<void **>(&o_system_property_read_callback)
-    );
+    void *handle = DobbySymbolResolver(nullptr, "__system_property_read_callback");
    if (handle == nullptr) {
        LOGD("Couldn't find '__system_property_read_callback' handle");
        return;
    }
    LOGD("Found '__system_property_read_callback' handle at %p", handle);
+    DobbyHook(
+        handle,
+        reinterpret_cast<dobby_dummy_func_t>(my_system_property_read_callback),
+        reinterpret_cast<dobby_dummy_func_t *>(&o_system_property_read_callback)
+    );
 }

 class PlayIntegrityFix : public zygisk::ModuleBase {
--- a/app/src/main/cpp/shadowhook
+++ b/app/src/main/cpp/shadowhook
--- a/build.gradle.kts
+++ b/build.gradle.kts
@@ -1,3 +1,3 @@
 plugins {
-    id("com.android.application") version "8.2.0" apply false
+    id("com.android.application") version "8.2.1" apply false
 }