From 2017140e0e708717a46b34e37f88e85cc8d07832 Mon Sep 17 00:00:00 2001 From: ThePedroo Date: Sat, 22 Jun 2024 23:08:14 -0300 Subject: [PATCH] update: `AppSpecializeArgs` This commit updates the AppSpecializeArgs to match newest one. --- loader/src/injector/gen_jni_hooks.py | 4 +--- loader/src/injector/hook.cpp | 14 +++++++---- loader/src/injector/jni_hooks.hpp | 30 +++++++++++------------ loader/src/injector/module.hpp | 36 +++++++++++++++++++--------- loader/src/ptracer/ptracer.cpp | 2 -- 5 files changed, 51 insertions(+), 35 deletions(-) diff --git a/loader/src/injector/gen_jni_hooks.py b/loader/src/injector/gen_jni_hooks.py index ac0544a..1f134a5 100644 --- a/loader/src/injector/gen_jni_hooks.py +++ b/loader/src/injector/gen_jni_hooks.py @@ -1,7 +1,5 @@ #!/usr/bin/env python3 -# keep sync with https://github.com/topjohnwu/Magisk/blob/master/native/src/core/zygisk/gen_jni_hooks.py - primitives = ['jint', 'jboolean', 'jlong'] class JType: @@ -89,7 +87,7 @@ class ForkAndSpec(JNIHook): return 'nativeForkAndSpecialize' def init_args(self): - return 'AppSpecializeArgs_v3 args(uid, gid, gids, runtime_flags, rlimits, mount_external, se_info, nice_name, instruction_set, app_data_dir);' + return 'AppSpecializeArgs_v5 args(uid, gid, gids, runtime_flags, rlimits, mount_external, se_info, nice_name, instruction_set, app_data_dir);' def body(self): decl = '' diff --git a/loader/src/injector/hook.cpp b/loader/src/injector/hook.cpp index 9dcfa9a..8db2737 100644 --- a/loader/src/injector/hook.cpp +++ b/loader/src/injector/hook.cpp @@ -57,7 +57,7 @@ struct ZygiskContext { JNIEnv *env; union { void *ptr; - AppSpecializeArgs_v3 *app; + AppSpecializeArgs_v5 *app; ServerSpecializeArgs_v1 *server; } args; 
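Review bot: The `init_args` change in `ForkAndSpec` hard-codes `AppSpecializeArgs_v5`, while the `# keep sync with …Magisk…` provenance line at the top of gen_jni_hooks.py is dropped without a replacement, so after this commit a reader has no pointer to which struct definition the emitted constructor call has to match. Suggest a one-line module comment in its place, such as `# Generates jni_hooks.hpp; the emitted constructor call must match AppSpecializeArgs_v5 in loader/src/injector/module.hpp`. The remainder of `ForkAndSpec` and the other hook classes are outside the hunk.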
@@ -199,10 +199,11 @@ DCL_HOOK_FUNC(int, pthread_attr_destroy, void *target) { void initialize_jni_hook(); DCL_HOOK_FUNC(char *, strdup, const char *s) { - if (s == "com.android.internal.os.ZygoteInit"sv) { - LOGV("strdup %s\n", s); - initialize_jni_hook(); + if (strcmp(s, "com.android.internal.os.ZygoteInit") == 0) { + LOGV("strdup %s\n", s); + initialize_jni_hook(); } + return old_strdup(s); } @@ -736,10 +737,15 @@ void hook_functions() { ino_t android_runtime_inode = 0; dev_t android_runtime_dev = 0; + /* TODO by ThePedroo: Implement injection via native bridge */ + // ino_t native_bridge_inode = 0; + // dev_t native_bridge_dev = 0; + for (auto &map : lsplt::MapInfo::Scan()) { if (map.path.ends_with("libandroid_runtime.so")) { android_runtime_inode = map.inode; android_runtime_dev = map.dev; + break; } } diff --git a/loader/src/injector/jni_hooks.hpp b/loader/src/injector/jni_hooks.hpp index 3180cbe..b4daaaf 100644 --- a/loader/src/injector/jni_hooks.hpp +++ b/loader/src/injector/jni_hooks.hpp @@ -4,7 +4,7 @@ namespace { void *nativeForkAndSpecialize_orig = nullptr; [[clang::no_stack_protector]] jint nativeForkAndSpecialize_l(JNIEnv *env, jclass clazz, jint uid, jint gid, jintArray gids, jint runtime_flags, jobjectArray rlimits, jint mount_external, jstring se_info, jstring nice_name, jintArray fds_to_close, jstring instruction_set, jstring app_data_dir) { - AppSpecializeArgs_v3 args(uid, gid, gids, runtime_flags, rlimits, mount_external, se_info, nice_name, instruction_set, app_data_dir); + AppSpecializeArgs_v5 args(uid, gid, gids, runtime_flags, rlimits, mount_external, se_info, nice_name, instruction_set, app_data_dir); ZygiskContext ctx(env, &args); ctx.nativeForkAndSpecialize_pre(); reinterpret_cast(nativeForkAndSpecialize_orig)( 
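Review bot: The `return old_strdup(s);` line is added with no removed counterpart, which suggests the previous version of the `strdup` hook fell off the end of a non-void function for every string other than the ZygoteInit class name; if that is what the old side looked like (blank context lines may have been lost here), it is a genuine correctness fix — callers of `strdup` would have received an indeterminate pointer — and deserves a mention in the commit message, which only describes the AppSpecializeArgs update. The switch from `s == "com.android.internal.os.ZygoteInit"sv` to `strcmp(s, "com.android.internal.os.ZygoteInit") == 0` is otherwise equivalent; both dereference `s` unconditionally, matching libc's own contract for `strdup`. Nothing in the hunk stops `initialize_jni_hook()` from running again if the zygote strdups that class name more than once — presumably it is guarded inside, but if not, a function-local `static bool once` flag in this hook would be the cheapest place to enforce it.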
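Review bot: With the new `break`, the first mapping whose path satisfies `ends_with("libandroid_runtime.so")` becomes the sole source of `android_runtime_inode`/`android_runtime_dev`, but that suffix test is not anchored to a path separator, so any mapped file whose name merely ends in that string (a hypothetical `…/xlibandroid_runtime.so`, for instance) would be accepted ahead of the real library. Anchoring it as `map.path.ends_with("/libandroid_runtime.so")` turns the test into a basename comparison; the later use of the inode/dev pair is outside the hunk. The `/* TODO by ThePedroo … */` block followed by two commented-out declarations is better reduced to the TODO line alone — commented-out code rots, and `native_bridge_inode`/`native_bridge_dev` can be introduced when the native-bridge path is actually implemented.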
@@ -14,7 +14,7 @@ void *nativeForkAndSpecialize_orig = nullptr; return ctx.pid; } [[clang::no_stack_protector]] jint nativeForkAndSpecialize_o(JNIEnv *env, jclass clazz, jint uid, jint gid, jintArray gids, jint runtime_flags, jobjectArray rlimits, jint mount_external, jstring se_info, jstring nice_name, jintArray fds_to_close, jintArray fds_to_ignore, jstring instruction_set, jstring app_data_dir) { - AppSpecializeArgs_v3 args(uid, gid, gids, runtime_flags, rlimits, mount_external, se_info, nice_name, instruction_set, app_data_dir); + AppSpecializeArgs_v5 args(uid, gid, gids, runtime_flags, rlimits, mount_external, se_info, nice_name, instruction_set, app_data_dir); args.fds_to_ignore = &fds_to_ignore; ZygiskContext ctx(env, &args); ctx.nativeForkAndSpecialize_pre(); @@ -25,7 +25,7 @@ void *nativeForkAndSpecialize_orig = nullptr; return ctx.pid; } [[clang::no_stack_protector]] jint nativeForkAndSpecialize_p(JNIEnv *env, jclass clazz, jint uid, jint gid, jintArray gids, jint runtime_flags, jobjectArray rlimits, jint mount_external, jstring se_info, jstring nice_name, jintArray fds_to_close, jintArray fds_to_ignore, jboolean is_child_zygote, jstring instruction_set, jstring app_data_dir) { - AppSpecializeArgs_v3 args(uid, gid, gids, runtime_flags, rlimits, mount_external, se_info, nice_name, instruction_set, app_data_dir); + AppSpecializeArgs_v5 args(uid, gid, gids, runtime_flags, rlimits, mount_external, se_info, nice_name, instruction_set, app_data_dir); args.fds_to_ignore = &fds_to_ignore; args.is_child_zygote = &is_child_zygote; ZygiskContext ctx(env, &args); 
@@ -37,7 +37,7 @@ void *nativeForkAndSpecialize_orig = nullptr; return ctx.pid; } [[clang::no_stack_protector]] jint nativeForkAndSpecialize_q_alt(JNIEnv *env, jclass clazz, jint uid, jint gid, jintArray gids, jint runtime_flags, jobjectArray rlimits, jint mount_external, jstring se_info, jstring nice_name, jintArray fds_to_close, jintArray fds_to_ignore, jboolean is_child_zygote, jstring instruction_set, jstring app_data_dir, jboolean is_top_app) { - AppSpecializeArgs_v3 args(uid, gid, gids, runtime_flags, rlimits, mount_external, se_info, nice_name, instruction_set, app_data_dir); + AppSpecializeArgs_v5 args(uid, gid, gids, runtime_flags, rlimits, mount_external, se_info, nice_name, instruction_set, app_data_dir); args.fds_to_ignore = &fds_to_ignore; args.is_child_zygote = &is_child_zygote; args.is_top_app = &is_top_app; @@ -50,7 +50,7 @@ void *nativeForkAndSpecialize_orig = nullptr; return ctx.pid; } [[clang::no_stack_protector]] jint nativeForkAndSpecialize_r(JNIEnv *env, jclass clazz, jint uid, jint gid, jintArray gids, jint runtime_flags, jobjectArray rlimits, jint mount_external, jstring se_info, jstring nice_name, jintArray fds_to_close, jintArray fds_to_ignore, jboolean is_child_zygote, jstring instruction_set, jstring app_data_dir, jboolean is_top_app, jobjectArray pkg_data_info_list, jobjectArray whitelisted_data_info_list, jboolean mount_data_dirs, jboolean mount_storage_dirs) { - AppSpecializeArgs_v3 args(uid, gid, gids, runtime_flags, rlimits, mount_external, se_info, nice_name, instruction_set, app_data_dir); + AppSpecializeArgs_v5 args(uid, gid, gids, runtime_flags, rlimits, mount_external, se_info, nice_name, instruction_set, app_data_dir); args.fds_to_ignore = &fds_to_ignore; args.is_child_zygote = &is_child_zygote; args.is_top_app = &is_top_app; 
@@ -67,7 +67,7 @@ void *nativeForkAndSpecialize_orig = nullptr; return ctx.pid; } [[clang::no_stack_protector]] jint nativeForkAndSpecialize_u(JNIEnv *env, jclass clazz, jint uid, jint gid, jintArray gids, jint runtime_flags, jobjectArray rlimits, jint mount_external, jstring se_info, jstring nice_name, jintArray fds_to_close, jintArray fds_to_ignore, jboolean is_child_zygote, jstring instruction_set, jstring app_data_dir, jboolean is_top_app, jobjectArray pkg_data_info_list, jobjectArray whitelisted_data_info_list, jboolean mount_data_dirs, jboolean mount_storage_dirs, jboolean mount_sysprop_overrides) { - AppSpecializeArgs_v3 args(uid, gid, gids, runtime_flags, rlimits, mount_external, se_info, nice_name, instruction_set, app_data_dir); + AppSpecializeArgs_v5 args(uid, gid, gids, runtime_flags, rlimits, mount_external, se_info, nice_name, instruction_set, app_data_dir); args.fds_to_ignore = &fds_to_ignore; args.is_child_zygote = &is_child_zygote; args.is_top_app = &is_top_app; @@ -85,7 +85,7 @@ void *nativeForkAndSpecialize_orig = nullptr; return ctx.pid; } [[clang::no_stack_protector]] jint nativeForkAndSpecialize_samsung_m(JNIEnv *env, jclass clazz, jint uid, jint gid, jintArray gids, jint runtime_flags, jobjectArray rlimits, jint mount_external, jstring se_info, jint _0, jint _1, jstring nice_name, jintArray fds_to_close, jstring instruction_set, jstring app_data_dir) { - AppSpecializeArgs_v3 args(uid, gid, gids, runtime_flags, rlimits, mount_external, se_info, nice_name, instruction_set, app_data_dir); + AppSpecializeArgs_v5 args(uid, gid, gids, runtime_flags, rlimits, mount_external, se_info, nice_name, instruction_set, app_data_dir); ZygiskContext ctx(env, &args); ctx.nativeForkAndSpecialize_pre(); reinterpret_cast(nativeForkAndSpecialize_orig)( 
@@ -95,7 +95,7 @@ void *nativeForkAndSpecialize_orig = nullptr; return ctx.pid; } [[clang::no_stack_protector]] jint nativeForkAndSpecialize_samsung_n(JNIEnv *env, jclass clazz, jint uid, jint gid, jintArray gids, jint runtime_flags, jobjectArray rlimits, jint mount_external, jstring se_info, jint _2, jint _3, jstring nice_name, jintArray fds_to_close, jstring instruction_set, jstring app_data_dir, jint _4) { - AppSpecializeArgs_v3 args(uid, gid, gids, runtime_flags, rlimits, mount_external, se_info, nice_name, instruction_set, app_data_dir); + AppSpecializeArgs_v5 args(uid, gid, gids, runtime_flags, rlimits, mount_external, se_info, nice_name, instruction_set, app_data_dir); ZygiskContext ctx(env, &args); ctx.nativeForkAndSpecialize_pre(); reinterpret_cast(nativeForkAndSpecialize_orig)( @@ -105,7 +105,7 @@ void *nativeForkAndSpecialize_orig = nullptr; return ctx.pid; } [[clang::no_stack_protector]] jint nativeForkAndSpecialize_samsung_o(JNIEnv *env, jclass clazz, jint uid, jint gid, jintArray gids, jint runtime_flags, jobjectArray rlimits, jint mount_external, jstring se_info, jint _5, jint _6, jstring nice_name, jintArray fds_to_close, jintArray fds_to_ignore, jstring instruction_set, jstring app_data_dir) { - AppSpecializeArgs_v3 args(uid, gid, gids, runtime_flags, rlimits, mount_external, se_info, nice_name, instruction_set, app_data_dir); + AppSpecializeArgs_v5 args(uid, gid, gids, runtime_flags, rlimits, mount_external, se_info, nice_name, instruction_set, app_data_dir); args.fds_to_ignore = &fds_to_ignore; ZygiskContext ctx(env, &args); ctx.nativeForkAndSpecialize_pre(); 
@@ -116,7 +116,7 @@ void *nativeForkAndSpecialize_orig = nullptr; return ctx.pid; } [[clang::no_stack_protector]] jint nativeForkAndSpecialize_samsung_p(JNIEnv *env, jclass clazz, jint uid, jint gid, jintArray gids, jint runtime_flags, jobjectArray rlimits, jint mount_external, jstring se_info, jint _7, jint _8, jstring nice_name, jintArray fds_to_close, jintArray fds_to_ignore, jboolean is_child_zygote, jstring instruction_set, jstring app_data_dir) { - AppSpecializeArgs_v3 args(uid, gid, gids, runtime_flags, rlimits, mount_external, se_info, nice_name, instruction_set, app_data_dir); + AppSpecializeArgs_v5 args(uid, gid, gids, runtime_flags, rlimits, mount_external, se_info, nice_name, instruction_set, app_data_dir); args.fds_to_ignore = &fds_to_ignore; args.is_child_zygote = &is_child_zygote; ZygiskContext ctx(env, &args); @@ -182,7 +182,7 @@ std::array nativeForkAndSpecialize_methods = { void *nativeSpecializeAppProcess_orig = nullptr; [[clang::no_stack_protector]] void nativeSpecializeAppProcess_q(JNIEnv *env, jclass clazz, jint uid, jint gid, jintArray gids, jint runtime_flags, jobjectArray rlimits, jint mount_external, jstring se_info, jstring nice_name, jboolean is_child_zygote, jstring instruction_set, jstring app_data_dir) { - AppSpecializeArgs_v3 args(uid, gid, gids, runtime_flags, rlimits, mount_external, se_info, nice_name, instruction_set, app_data_dir); + AppSpecializeArgs_v5 args(uid, gid, gids, runtime_flags, rlimits, mount_external, se_info, nice_name, instruction_set, app_data_dir); args.is_child_zygote = &is_child_zygote; ZygiskContext ctx(env, &args); ctx.nativeSpecializeAppProcess_pre(); 
@@ -192,7 +192,7 @@ void *nativeSpecializeAppProcess_orig = nullptr; ctx.nativeSpecializeAppProcess_post(); } [[clang::no_stack_protector]] void nativeSpecializeAppProcess_q_alt(JNIEnv *env, jclass clazz, jint uid, jint gid, jintArray gids, jint runtime_flags, jobjectArray rlimits, jint mount_external, jstring se_info, jstring nice_name, jboolean is_child_zygote, jstring instruction_set, jstring app_data_dir, jboolean is_top_app) { - AppSpecializeArgs_v3 args(uid, gid, gids, runtime_flags, rlimits, mount_external, se_info, nice_name, instruction_set, app_data_dir); + AppSpecializeArgs_v5 args(uid, gid, gids, runtime_flags, rlimits, mount_external, se_info, nice_name, instruction_set, app_data_dir); args.is_child_zygote = &is_child_zygote; args.is_top_app = &is_top_app; ZygiskContext ctx(env, &args); @@ -203,7 +203,7 @@ void *nativeSpecializeAppProcess_orig = nullptr; ctx.nativeSpecializeAppProcess_post(); } [[clang::no_stack_protector]] void nativeSpecializeAppProcess_r(JNIEnv *env, jclass clazz, jint uid, jint gid, jintArray gids, jint runtime_flags, jobjectArray rlimits, jint mount_external, jstring se_info, jstring nice_name, jboolean is_child_zygote, jstring instruction_set, jstring app_data_dir, jboolean is_top_app, jobjectArray pkg_data_info_list, jobjectArray whitelisted_data_info_list, jboolean mount_data_dirs, jboolean mount_storage_dirs) { - AppSpecializeArgs_v3 args(uid, gid, gids, runtime_flags, rlimits, mount_external, se_info, nice_name, instruction_set, app_data_dir); + AppSpecializeArgs_v5 args(uid, gid, gids, runtime_flags, rlimits, mount_external, se_info, nice_name, instruction_set, app_data_dir); args.is_child_zygote = &is_child_zygote; args.is_top_app = &is_top_app; args.pkg_data_info_list = &pkg_data_info_list; 
@@ -218,7 +218,7 @@ void *nativeSpecializeAppProcess_orig = nullptr; ctx.nativeSpecializeAppProcess_post(); } [[clang::no_stack_protector]] void nativeSpecializeAppProcess_u(JNIEnv *env, jclass clazz, jint uid, jint gid, jintArray gids, jint runtime_flags, jobjectArray rlimits, jint mount_external, jstring se_info, jstring nice_name, jboolean is_child_zygote, jstring instruction_set, jstring app_data_dir, jboolean is_top_app, jobjectArray pkg_data_info_list, jobjectArray whitelisted_data_info_list, jboolean mount_data_dirs, jboolean mount_storage_dirs, jboolean mount_sysprop_overrides) { - AppSpecializeArgs_v3 args(uid, gid, gids, runtime_flags, rlimits, mount_external, se_info, nice_name, instruction_set, app_data_dir); + AppSpecializeArgs_v5 args(uid, gid, gids, runtime_flags, rlimits, mount_external, se_info, nice_name, instruction_set, app_data_dir); args.is_child_zygote = &is_child_zygote; args.is_top_app = &is_top_app; args.pkg_data_info_list = &pkg_data_info_list; @@ -234,7 +234,7 @@ void *nativeSpecializeAppProcess_orig = nullptr; ctx.nativeSpecializeAppProcess_post(); } [[clang::no_stack_protector]] void nativeSpecializeAppProcess_samsung_q(JNIEnv *env, jclass clazz, jint uid, jint gid, jintArray gids, jint runtime_flags, jobjectArray rlimits, jint mount_external, jstring se_info, jint _9, jint _10, jstring nice_name, jboolean is_child_zygote, jstring instruction_set, jstring app_data_dir) { - AppSpecializeArgs_v3 args(uid, gid, gids, runtime_flags, rlimits, mount_external, se_info, nice_name, instruction_set, app_data_dir); + AppSpecializeArgs_v5 args(uid, gid, gids, runtime_flags, rlimits, mount_external, se_info, nice_name, instruction_set, app_data_dir); args.is_child_zygote = &is_child_zygote; ZygiskContext ctx(env, &args); ctx.nativeSpecializeAppProcess_pre(); diff --git a/loader/src/injector/module.hpp b/loader/src/injector/module.hpp index c4920f9..dfbde57 100644 --- a/loader/src/injector/module.hpp +++ b/loader/src/injector/module.hpp 
@@ -12,16 +12,19 @@ namespace { using AppSpecializeArgs_v2 = AppSpecializeArgs_v1; struct AppSpecializeArgs_v3; using AppSpecializeArgs_v4 = AppSpecializeArgs_v3; + struct AppSpecializeArgs_v5; struct module_abi_v1; using module_abi_v2 = module_abi_v1; using module_abi_v3 = module_abi_v1; using module_abi_v4 = module_abi_v1; + using module_abi_v5 = module_abi_v1; struct api_abi_v1; struct api_abi_v2; using api_abi_v3 = api_abi_v2; struct api_abi_v4; + using api_abi_v5 = api_abi_v4; union ApiTable; @@ -44,7 +47,6 @@ namespace { jobjectArray *whitelisted_data_info_list = nullptr; jboolean *mount_data_dirs = nullptr; jboolean *mount_storage_dirs = nullptr; - jboolean *mount_sysprop_overrides = nullptr; AppSpecializeArgs_v3( jint &uid, jint &gid, jintArray &gids, jint &runtime_flags, @@ -55,6 +57,17 @@ namespace { instruction_set(instruction_set), app_data_dir(app_data_dir) {} }; + struct AppSpecializeArgs_v5 : public AppSpecializeArgs_v3 { + jboolean *mount_sysprop_overrides = nullptr; + + AppSpecializeArgs_v5( + jint &uid, jint &gid, jintArray &gids, jint &runtime_flags, + jobjectArray &rlimits, jint &mount_external, jstring &se_info, jstring &nice_name, + jstring &instruction_set, jstring &app_data_dir) : AppSpecializeArgs_v3( + uid, gid, gids, runtime_flags, rlimits, mount_external, + se_info, nice_name, instruction_set, app_data_dir) {} + }; + struct AppSpecializeArgs_v1 { jint &uid; jint &gid; 
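Review bot: Moving `mount_sysprop_overrides` out of `AppSpecializeArgs_v3` into the derived `AppSpecializeArgs_v5` keeps the field at the same byte offset only if the derived member lands immediately after the base subobject, and nothing in the header states or checks that — yet `call_app` hands the same pointer to API-3, 4 and 5 modules, so a module built against the earlier layout that reads the old last field may rely on exactly that placement. Pin it with `static_assert(sizeof(AppSpecializeArgs_v5) == sizeof(AppSpecializeArgs_v3) + sizeof(jboolean *), "v5 must append exactly one pointer to the v3 layout");` after the struct, and add a one-line comment on `AppSpecializeArgs_v5` noting that the constructor leaves `mount_sysprop_overrides` null for the caller to fill in. The forward declarations in the first hunk (`AppSpecializeArgs_v5`, `module_abi_v5`, `api_abi_v5`) are plain aliases and raise nothing.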
@@ -73,14 +86,14 @@ namespace { jboolean *const mount_data_dirs; jboolean *const mount_storage_dirs; - AppSpecializeArgs_v1(const AppSpecializeArgs_v3 *v3) : - uid(v3->uid), gid(v3->gid), gids(v3->gids), runtime_flags(v3->runtime_flags), - mount_external(v3->mount_external), se_info(v3->se_info), nice_name(v3->nice_name), - instruction_set(v3->instruction_set), app_data_dir(v3->app_data_dir), - is_child_zygote(v3->is_child_zygote), is_top_app(v3->is_top_app), - pkg_data_info_list(v3->pkg_data_info_list), - whitelisted_data_info_list(v3->whitelisted_data_info_list), - mount_data_dirs(v3->mount_data_dirs), mount_storage_dirs(v3->mount_storage_dirs) {} + AppSpecializeArgs_v1(const AppSpecializeArgs_v5 *a) : + uid(a->uid), gid(a->gid), gids(a->gids), runtime_flags(a->runtime_flags), + mount_external(a->mount_external), se_info(a->se_info), nice_name(a->nice_name), + instruction_set(a->instruction_set), app_data_dir(a->app_data_dir), + is_child_zygote(a->is_child_zygote), is_top_app(a->is_top_app), + pkg_data_info_list(a->pkg_data_info_list), + whitelisted_data_info_list(a->whitelisted_data_info_list), + mount_data_dirs(a->mount_data_dirs), mount_storage_dirs(a->mount_storage_dirs) {} }; struct ServerSpecializeArgs_v1 { @@ -168,6 +181,7 @@ case 2: { \ } \ case 3: \ case 4: \ +case 5: \ mod.v1->method(mod.v1->impl, args);\ break; \ } @@ -177,10 +191,10 @@ case 4: \ void onLoad(void *env) { entry.fn(&api, env); } - void preAppSpecialize(AppSpecializeArgs_v3 *args) const { + void preAppSpecialize(AppSpecializeArgs_v5 *args) const { call_app(preAppSpecialize) } - void postAppSpecialize(const AppSpecializeArgs_v3 *args) const { + void postAppSpecialize(const AppSpecializeArgs_v5 *args) const { call_app(postAppSpecialize) } void preServerSpecialize(ServerSpecializeArgs_v1 *args) const { diff --git a/loader/src/ptracer/ptracer.cpp b/loader/src/ptracer/ptracer.cpp index fa3b791..4489d33 100644 --- a/loader/src/ptracer/ptracer.cpp +++ b/loader/src/ptracer/ptracer.cpp 
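Review bot: `AppSpecializeArgs_v1(const AppSpecializeArgs_v5 *a)` reads only members that `AppSpecializeArgs_v3` already provides — `mount_sysprop_overrides` is never copied — so narrowing the parameter from `const AppSpecializeArgs_v3 *` to the derived type is unnecessary and drops the implicit acceptance of a base pointer that callers outside this diff may still pass. Keeping the signature as `AppSpecializeArgs_v1(const AppSpecializeArgs_v3 *a)` still accepts a `v5 *` through the derived-to-base conversion and documents that the v1 view does not depend on the v5 field. The `case 5:` added to `call_app` and the `preAppSpecialize`/`postAppSpecialize` signature changes in the following hunks are consistent with the v5 pointer flowing from `ZygiskContext`; the enclosing `ServerSpecializeArgs_v1` and module structs continue outside these hunks.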
@@ -8,8 +8,6 @@ #include #include #include -#include -#include #include #include #include