From 49886d94853c20f65b366e50310b2ef384a844bf Mon Sep 17 00:00:00 2001
From: 5ec1cff
Date: Tue, 12 Dec 2023 13:05:10 +0800
Subject: [PATCH] Fixes for Android 14 QPR2 B2 (https://github.com/topjohnwu/Magisk/pull/7620)
---
 loader/src/include/api.hpp | 1 +
 loader/src/injector/gen_jni_hooks.py | 76 ++++++++++++++++----------
 loader/src/injector/hook.cpp | 48 ++++++++---------
 loader/src/injector/jni_hooks.hpp | 80 +++++++++++++++++++++-------
 loader/src/injector/module.hpp | 3 +-
 5 files changed, 138 insertions(+), 70 deletions(-)
diff --git a/loader/src/include/api.hpp b/loader/src/include/api.hpp
index ab616a9..e4a00bd 100644
--- a/loader/src/include/api.hpp
+++ b/loader/src/include/api.hpp
@@ -161,6 +161,7 @@ namespace zygisk {
 jobjectArray *const whitelisted_data_info_list;
 jboolean *const mount_data_dirs;
 jboolean *const mount_storage_dirs;
+ jboolean *const mount_sysprop_overrides;
 AppSpecializeArgs() = delete;
 };
diff --git a/loader/src/injector/gen_jni_hooks.py b/loader/src/injector/gen_jni_hooks.py
index c15ea32..ac0544a 100644
--- a/loader/src/injector/gen_jni_hooks.py
+++ b/loader/src/injector/gen_jni_hooks.py
@@ -1,5 +1,7 @@
 #!/usr/bin/env python3
+# keep sync with https://github.com/topjohnwu/Magisk/blob/master/native/src/core/zygisk/gen_jni_hooks.py
+
 primitives = ['jint', 'jboolean', 'jlong']
 class JType:
@@ -95,7 +97,7 @@ class ForkAndSpec(JNIHook):
 for a in self.args:
 if a.set_arg:
 decl += ind(1) + f'args.{a.name} = &{a.name};'
- decl += ind(1) + 'HookContext ctx(env, &args);'
+ decl += ind(1) + 'ZygiskContext ctx(env, &args);'
 decl += ind(1) + f'ctx.{self.base_name()}_pre();'
 decl += ind(1) + self.orig_method() + '('
 decl += ind(2) + f'env, clazz, {self.name_list()}'
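Review bot: `mount_sysprop_overrides` is appended to the module-facing `zygisk::AppSpecializeArgs` with nothing else in api.hpp changing (the diffstat records a single insertion), so a module compiled against this header has no way to tell whether the loader that injected it actually populates the field; if the loader-side object still has the shorter pre-change layout, the module's read of `args->mount_sysprop_overrides` lands past the end of that object. If api.hpp carries an API-version constant that modules are expected to check, it should be bumped in the same commit — that line is outside this hunk, so I cannot confirm whether it exists here. Either way the new member deserves a comment stating when it is valid, e.g. `// Android 14 QPR2+ only; the loader leaves it nullptr on older zygotes`, which matches the `= nullptr` default added to `AppSpecializeArgs_v3` in module.hpp at the end of this patch.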
@@ -146,6 +148,9 @@ whitelisted_data_info_list = Argument('whitelisted_data_info_list', JArray(jstri
 mount_data_dirs = Argument('mount_data_dirs', jboolean, True)
 mount_storage_dirs = Argument('mount_storage_dirs', jboolean, True)
+# u
+mount_sysprop_overrides = Argument('mount_sysprop_overrides', jboolean, True)
+
 # server
 permitted_capabilities = Argument('permitted_capabilities', jlong)
 effective_capabilities = Argument('effective_capabilities', jlong)
@@ -167,6 +172,10 @@ fas_r = ForkAndSpec('r', [uid, gid, gids, runtime_flags, rlimits, mount_external
 nice_name, fds_to_close, fds_to_ignore, is_child_zygote, instruction_set, app_data_dir, is_top_app,
 pkg_data_info_list, whitelisted_data_info_list, mount_data_dirs, mount_storage_dirs])
+fas_u = ForkAndSpec('u', [uid, gid, gids, runtime_flags, rlimits, mount_external, se_info,
+ nice_name, fds_to_close, fds_to_ignore, is_child_zygote, instruction_set, app_data_dir, is_top_app,
+ pkg_data_info_list, whitelisted_data_info_list, mount_data_dirs, mount_storage_dirs, mount_sysprop_overrides])
+
 fas_samsung_m = ForkAndSpec('samsung_m', [uid, gid, gids, runtime_flags, rlimits, mount_external, se_info,
 Anon(jint), Anon(jint), nice_name, fds_to_close, instruction_set, app_data_dir])
@@ -190,6 +199,10 @@ spec_r = SpecApp('r', [uid, gid, gids, runtime_flags, rlimits, mount_external, s
 is_child_zygote, instruction_set, app_data_dir, is_top_app, pkg_data_info_list,
 whitelisted_data_info_list, mount_data_dirs, mount_storage_dirs])
+spec_u = SpecApp('u', [uid, gid, gids, runtime_flags, rlimits, mount_external, se_info, nice_name,
+ is_child_zygote, instruction_set, app_data_dir, is_top_app, pkg_data_info_list,
+ whitelisted_data_info_list, mount_data_dirs, mount_storage_dirs, mount_sysprop_overrides])
+
 spec_samsung_q = SpecApp('samsung_q', [uid, gid, gids, runtime_flags, rlimits, mount_external, se_info,
 Anon(jint), Anon(jint), nice_name, is_child_zygote, instruction_set, app_data_dir])
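Review bot: The new `# u` marker above `mount_sysprop_overrides` is the only record of which zygote ABI this argument belongs to, and a single letter will not mean much to whoever extends the table next; the commit subject has the information, so spell it out: `# Android 14 QPR2 ('u'): nativeForkAndSpecialize / nativeSpecializeAppProcess gained mount_sysprop_overrides`. The `fas_u` and `spec_u` definitions in the two hunks below repeat the `fas_r`/`spec_r` argument lists verbatim plus the one new trailing argument; if `ForkAndSpec`/`SpecApp` keep the list they are given (the `self.args` loop earlier in the file suggests so), deriving the `_u` lists from the `_r` ones would stop the pairs from drifting apart, though that is a judgment call.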
@@ -213,7 +226,7 @@ def gen_jni_def(clz, methods):
 decl += ind(1) + f'return {m.ret.value};'
 decl += ind(0) + '}'
- decl += ind(0) + f'std::array {m.base_name()}_methods {{'
+ decl += ind(0) + f'std::array {m.base_name()}_methods = {{'
 for m in methods:
 decl += ind(1) + 'JNINativeMethod {'
 decl += ind(2) + f'"{m.base_name()}",'
@@ -228,37 +241,16 @@ def gen_jni_def(clz, methods):
 return decl
-def gen_jni_hook():
- decl = ''
- decl += ind(0) + 'static void do_hook_zygote(JNIEnv *env) {'
- decl += ind(1) + 'vector hooks;'
- decl += ind(1) + 'const char *clz;'
- for clz, methods in hook_map.items():
- decl += ind(1) + f'clz = "{clz}";'
- for m in methods:
- decl += ind(1) + f'hookJniNativeMethods(env, clz, {m}_methods.data(), {m}_methods.size());'
- decl += ind(1) + f'for (auto &method : {m}_methods) {{'
- decl += ind(2) + f'if (method.fnPtr) {{'
- decl += ind(3) + f'{m}_orig = method.fnPtr;'
- decl += ind(3) + f'hooks.emplace_back(method);'
- decl += ind(3) + f'break;'
- decl += ind(2) + f'}}'
- decl += ind(1) + f'}}'
- decl += ind(1) + f'jni_hook_list->emplace(clz, std::move(hooks));'
-
- decl += ind(0) + '}'
- return decl
-
 with open('jni_hooks.hpp', 'w') as f:
 f.write('// Generated by gen_jni_hooks.py\n')
 f.write('\nnamespace {\n')
 zygote = 'com/android/internal/os/Zygote'
- methods = [fas_l, fas_o, fas_p, fas_q_alt, fas_r, fas_samsung_m, fas_samsung_n, fas_samsung_o, fas_samsung_p]
+ methods = [fas_l, fas_o, fas_p, fas_q_alt, fas_r, fas_u, fas_samsung_m, fas_samsung_n, fas_samsung_o, fas_samsung_p]
 f.write(gen_jni_def(zygote, methods))
- methods = [spec_q, spec_q_alt, spec_r, spec_samsung_q]
+ methods = [spec_q, spec_q_alt, spec_r, spec_u, spec_samsung_q]
 f.write(gen_jni_def(zygote, methods))
 methods = [server_l, server_samsung_q]
@@ -266,5 +258,35 @@ with open('jni_hooks.hpp', 'w') as f:
 f.write('\n} // namespace\n')
- f.write(gen_jni_hook())
- f.write('\n')
\ No newline at end of file
+ f.write("""
+static void do_hook_zygote(JNIEnv *env) {
+ vector hooks;
+ const char *clz;
+ clz = "com/android/internal/os/Zygote";
+ hookJniNativeMethods(env, clz, nativeForkAndSpecialize_methods.data(), nativeForkAndSpecialize_methods.size());
+ for (auto &method : nativeForkAndSpecialize_methods) {
+ if (method.fnPtr) {
+ nativeForkAndSpecialize_orig = method.fnPtr;
+ hooks.emplace_back(method);
+ break;
+ }
+ }
+ hookJniNativeMethods(env, clz, nativeSpecializeAppProcess_methods.data(), nativeSpecializeAppProcess_methods.size());
+ for (auto &method : nativeSpecializeAppProcess_methods) {
+ if (method.fnPtr) {
+ nativeSpecializeAppProcess_orig = method.fnPtr;
+ hooks.emplace_back(method);
+ break;
+ }
+ }
+ hookJniNativeMethods(env, clz, nativeForkSystemServer_methods.data(), nativeForkSystemServer_methods.size());
+ for (auto &method : nativeForkSystemServer_methods) {
+ if (method.fnPtr) {
+ nativeForkSystemServer_orig = method.fnPtr;
+ hooks.emplace_back(method);
+ break;
+ }
+ }
+ jni_hook_list->emplace(clz, std::move(hooks));
+}
+""")
diff --git a/loader/src/injector/hook.cpp b/loader/src/injector/hook.cpp
index b5f35e0..be3193e 100644
--- a/loader/src/injector/hook.cpp
+++ b/loader/src/injector/hook.cpp
@@ -48,12 +48,12 @@ void name##_post();
 #define MAX_FD_SIZE 1024
-struct HookContext;
+struct ZygiskContext;
 // Current context
-HookContext *g_ctx;
+ZygiskContext *g_ctx;
-struct HookContext {
+struct ZygiskContext {
 JNIEnv *env;
 union {
 void *ptr;
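Review bot: The hard-coded `do_hook_zygote` string literal writes out by hand what `gen_jni_hook()` (removed in the preceding hunk) used to derive from the method tables, so the three `*_methods`/`*_orig` family names are now spelled out in a place the generator no longer checks; adding or renaming a hooked family in the `methods` lists above will silently leave this function stale. It also repeats the class name as a literal although `zygote` already holds that string in the same `with` block. A short loop over the three family names produces equivalent output while keeping the hook installer data-driven:
```python
    f.write('\n} // namespace\n')
    hooked = ['nativeForkAndSpecialize', 'nativeSpecializeAppProcess', 'nativeForkSystemServer']
    f.write('\nstatic void do_hook_zygote(JNIEnv *env) {\n')
    f.write('    vector<JNINativeMethod> hooks;\n')
    f.write(f'    const char *clz = "{zygote}";\n')
    for m in hooked:
        f.write(f'    hookJniNativeMethods(env, clz, {m}_methods.data(), {m}_methods.size());\n')
        f.write(f'    for (auto &method : {m}_methods) {{\n')
        f.write('        if (method.fnPtr) {\n')
        f.write(f'            {m}_orig = method.fnPtr;\n')
        f.write('            hooks.emplace_back(method);\n')
        f.write('            break;\n')
        f.write('        }\n')
        f.write('    }\n')
    f.write('    jni_hook_list->emplace(clz, std::move(hooks));\n')
    f.write('}\n')
```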
@@ -86,12 +86,12 @@ struct HookContext { vector register_info; vector ignore_info; - HookContext(JNIEnv *env, void *args) : + ZygiskContext(JNIEnv *env, void *args) : env(env), args{args}, process(nullptr), pid(-1), info_flags(0), hook_info_lock(PTHREAD_MUTEX_INITIALIZER) { g_ctx = this; } - ~HookContext(); + ~ZygiskContext(); /* Zygisksu changed: Load module fds */ void run_modules_pre(); @@ -355,7 +355,7 @@ bool ZygiskModule::RegisterModuleImpl(ApiTable *api, long *module) { return true; } -void HookContext::plt_hook_register(const char *regex, const char *symbol, void *fn, void **backup) { +void ZygiskContext::plt_hook_register(const char *regex, const char *symbol, void *fn, void **backup) { if (regex == nullptr || symbol == nullptr || fn == nullptr) return; regex_t re; @@ -365,7 +365,7 @@ void HookContext::plt_hook_register(const char *regex, const char *symbol, void register_info.emplace_back(RegisterInfo{re, symbol, fn, backup}); } -void HookContext::plt_hook_exclude(const char *regex, const char *symbol) { +void ZygiskContext::plt_hook_exclude(const char *regex, const char *symbol) { if (!regex) return; regex_t re; if (regcomp(&re, regex, REG_NOSUB) != 0) @@ -374,7 +374,7 @@ void HookContext::plt_hook_exclude(const char *regex, const char *symbol) { ignore_info.emplace_back(IgnoreInfo{re, symbol ?: ""}); } -void HookContext::plt_hook_process_regex() { +void ZygiskContext::plt_hook_process_regex() { if (register_info.empty()) return; for (auto &map : lsplt::MapInfo::Scan()) { @@ -398,7 +398,7 @@ void HookContext::plt_hook_process_regex() { } } -bool HookContext::plt_hook_commit() { +bool ZygiskContext::plt_hook_commit() { { mutex_guard lock(hook_info_lock); plt_hook_process_regex(); 
@@ -460,7 +460,7 @@ int sigmask(int how, int signum) { return sigprocmask(how, &set, nullptr); } -void HookContext::fork_pre() { +void ZygiskContext::fork_pre() { // Do our own fork before loading any 3rd party code // First block SIGCHLD, unblock after original fork is done sigmask(SIG_BLOCK, SIGCHLD); @@ -482,7 +482,7 @@ void HookContext::fork_pre() { allowed_fds[dirfd(dir.get())] = false; } -void HookContext::sanitize_fds() { +void ZygiskContext::sanitize_fds() { if (flags[SKIP_FD_SANITIZATION]) return; @@ -538,14 +538,14 @@ void HookContext::sanitize_fds() { } } -void HookContext::fork_post() { +void ZygiskContext::fork_post() { // Unblock SIGCHLD in case the original method didn't sigmask(SIG_UNBLOCK, SIGCHLD); g_ctx = nullptr; } /* Zygisksu changed: Load module fds */ -void HookContext::run_modules_pre() { +void ZygiskContext::run_modules_pre() { auto ms = zygiskd::ReadModules(); auto size = ms.size(); for (size_t i = 0; i < size; i++) { @@ -566,7 +566,7 @@ void HookContext::run_modules_pre() { } } -void HookContext::run_modules_post() { +void ZygiskContext::run_modules_post() { flags[POST_SPECIALIZE] = true; for (const auto &m : modules) { if (flags[APP_SPECIALIZE]) { @@ -579,14 +579,14 @@ void HookContext::run_modules_post() { } /* Zygisksu changed: Load module fds */ -void HookContext::app_specialize_pre() { +void ZygiskContext::app_specialize_pre() { flags[APP_SPECIALIZE] = true; info_flags = zygiskd::GetProcessFlags(g_ctx->args.app->uid); run_modules_pre(); } -void HookContext::app_specialize_post() { +void ZygiskContext::app_specialize_post() { run_modules_post(); // Cleanups @@ -595,7 +595,7 @@ void HookContext::app_specialize_post() { logging::setfd(-1); } -bool HookContext::exempt_fd(int fd) { +bool ZygiskContext::exempt_fd(int fd) { if (flags[POST_SPECIALIZE] || flags[SKIP_FD_SANITIZATION]) return true; if (!flags[APP_FORK_AND_SPECIALIZE]) 
@@ -606,7 +606,7 @@ bool HookContext::exempt_fd(int fd) { // ----------------------------------------------------------------- -void HookContext::nativeSpecializeAppProcess_pre() { +void ZygiskContext::nativeSpecializeAppProcess_pre() { process = env->GetStringUTFChars(args.app->nice_name, nullptr); LOGV("pre specialize [%s]\n", process); // App specialize does not check FD @@ -614,13 +614,13 @@ void HookContext::nativeSpecializeAppProcess_pre() { app_specialize_pre(); } -void HookContext::nativeSpecializeAppProcess_post() { +void ZygiskContext::nativeSpecializeAppProcess_post() { LOGV("post specialize [%s]\n", process); app_specialize_post(); } /* Zygisksu changed: No system_server status write back */ -void HookContext::nativeForkSystemServer_pre() { +void ZygiskContext::nativeForkSystemServer_pre() { LOGV("pre forkSystemServer\n"); flags[SERVER_FORK_AND_SPECIALIZE] = true; @@ -633,7 +633,7 @@ void HookContext::nativeForkSystemServer_pre() { sanitize_fds(); } -void HookContext::nativeForkSystemServer_post() { +void ZygiskContext::nativeForkSystemServer_post() { if (pid == 0) { LOGV("post forkSystemServer\n"); run_modules_post(); @@ -641,7 +641,7 @@ void HookContext::nativeForkSystemServer_post() { fork_post(); } -void HookContext::nativeForkAndSpecialize_pre() { +void ZygiskContext::nativeForkAndSpecialize_pre() { process = env->GetStringUTFChars(args.app->nice_name, nullptr); LOGV("pre forkAndSpecialize [%s]\n", process); @@ -658,7 +658,7 @@ void HookContext::nativeForkAndSpecialize_pre() { sanitize_fds(); } -void HookContext::nativeForkAndSpecialize_post() { +void ZygiskContext::nativeForkAndSpecialize_post() { if (pid == 0) { LOGV("post forkAndSpecialize [%s]\n", process); app_specialize_post(); 
@@ -666,7 +666,7 @@ void HookContext::nativeForkAndSpecialize_post() { fork_post(); } -HookContext::~HookContext() { +ZygiskContext::~ZygiskContext() { // This global pointer points to a variable on the stack. // Set this to nullptr to prevent leaking local variable. // This also disables most plt hooked functions. diff --git a/loader/src/injector/jni_hooks.hpp b/loader/src/injector/jni_hooks.hpp index ea18140..3180cbe 100644 --- a/loader/src/injector/jni_hooks.hpp +++ b/loader/src/injector/jni_hooks.hpp @@ -5,7 +5,7 @@ namespace { void *nativeForkAndSpecialize_orig = nullptr; [[clang::no_stack_protector]] jint nativeForkAndSpecialize_l(JNIEnv *env, jclass clazz, jint uid, jint gid, jintArray gids, jint runtime_flags, jobjectArray rlimits, jint mount_external, jstring se_info, jstring nice_name, jintArray fds_to_close, jstring instruction_set, jstring app_data_dir) { AppSpecializeArgs_v3 args(uid, gid, gids, runtime_flags, rlimits, mount_external, se_info, nice_name, instruction_set, app_data_dir); - HookContext ctx(env, &args); + ZygiskContext ctx(env, &args); ctx.nativeForkAndSpecialize_pre(); reinterpret_cast(nativeForkAndSpecialize_orig)( env, clazz, uid, gid, gids, runtime_flags, rlimits, mount_external, se_info, nice_name, fds_to_close, instruction_set, app_data_dir 
@@ -16,7 +16,7 @@ void *nativeForkAndSpecialize_orig = nullptr; [[clang::no_stack_protector]] jint nativeForkAndSpecialize_o(JNIEnv *env, jclass clazz, jint uid, jint gid, jintArray gids, jint runtime_flags, jobjectArray rlimits, jint mount_external, jstring se_info, jstring nice_name, jintArray fds_to_close, jintArray fds_to_ignore, jstring instruction_set, jstring app_data_dir) { AppSpecializeArgs_v3 args(uid, gid, gids, runtime_flags, rlimits, mount_external, se_info, nice_name, instruction_set, app_data_dir); args.fds_to_ignore = &fds_to_ignore; - HookContext ctx(env, &args); + ZygiskContext ctx(env, &args); ctx.nativeForkAndSpecialize_pre(); reinterpret_cast(nativeForkAndSpecialize_orig)( env, clazz, uid, gid, gids, runtime_flags, rlimits, mount_external, se_info, nice_name, fds_to_close, fds_to_ignore, instruction_set, app_data_dir @@ -28,7 +28,7 @@ void *nativeForkAndSpecialize_orig = nullptr; AppSpecializeArgs_v3 args(uid, gid, gids, runtime_flags, rlimits, mount_external, se_info, nice_name, instruction_set, app_data_dir); args.fds_to_ignore = &fds_to_ignore; args.is_child_zygote = &is_child_zygote; - HookContext ctx(env, &args); + ZygiskContext ctx(env, &args); ctx.nativeForkAndSpecialize_pre(); reinterpret_cast(nativeForkAndSpecialize_orig)( env, clazz, uid, gid, gids, runtime_flags, rlimits, mount_external, se_info, nice_name, fds_to_close, fds_to_ignore, is_child_zygote, instruction_set, app_data_dir @@ -41,7 +41,7 @@ void *nativeForkAndSpecialize_orig = nullptr; args.fds_to_ignore = &fds_to_ignore; args.is_child_zygote = &is_child_zygote; args.is_top_app = &is_top_app; - HookContext ctx(env, &args); + ZygiskContext ctx(env, &args); ctx.nativeForkAndSpecialize_pre(); reinterpret_cast(nativeForkAndSpecialize_orig)( env, clazz, uid, gid, gids, runtime_flags, rlimits, mount_external, se_info, nice_name, fds_to_close, fds_to_ignore, is_child_zygote, instruction_set, app_data_dir, is_top_app 
@@ -58,7 +58,7 @@ void *nativeForkAndSpecialize_orig = nullptr; args.whitelisted_data_info_list = &whitelisted_data_info_list; args.mount_data_dirs = &mount_data_dirs; args.mount_storage_dirs = &mount_storage_dirs; - HookContext ctx(env, &args); + ZygiskContext ctx(env, &args); ctx.nativeForkAndSpecialize_pre(); reinterpret_cast(nativeForkAndSpecialize_orig)( env, clazz, uid, gid, gids, runtime_flags, rlimits, mount_external, se_info, nice_name, fds_to_close, fds_to_ignore, is_child_zygote, instruction_set, app_data_dir, is_top_app, pkg_data_info_list, whitelisted_data_info_list, mount_data_dirs, mount_storage_dirs 
@@ -66,9 +66,27 @@ void *nativeForkAndSpecialize_orig = nullptr; ctx.nativeForkAndSpecialize_post(); return ctx.pid; } +[[clang::no_stack_protector]] jint nativeForkAndSpecialize_u(JNIEnv *env, jclass clazz, jint uid, jint gid, jintArray gids, jint runtime_flags, jobjectArray rlimits, jint mount_external, jstring se_info, jstring nice_name, jintArray fds_to_close, jintArray fds_to_ignore, jboolean is_child_zygote, jstring instruction_set, jstring app_data_dir, jboolean is_top_app, jobjectArray pkg_data_info_list, jobjectArray whitelisted_data_info_list, jboolean mount_data_dirs, jboolean mount_storage_dirs, jboolean mount_sysprop_overrides) { + AppSpecializeArgs_v3 args(uid, gid, gids, runtime_flags, rlimits, mount_external, se_info, nice_name, instruction_set, app_data_dir); + args.fds_to_ignore = &fds_to_ignore; + args.is_child_zygote = &is_child_zygote; + args.is_top_app = &is_top_app; + args.pkg_data_info_list = &pkg_data_info_list; + args.whitelisted_data_info_list = &whitelisted_data_info_list; + args.mount_data_dirs = &mount_data_dirs; + args.mount_storage_dirs = &mount_storage_dirs; + args.mount_sysprop_overrides = &mount_sysprop_overrides; + ZygiskContext ctx(env, &args); + ctx.nativeForkAndSpecialize_pre(); + reinterpret_cast(nativeForkAndSpecialize_orig)( + env, clazz, uid, gid, gids, runtime_flags, rlimits, mount_external, se_info, nice_name, fds_to_close, fds_to_ignore, is_child_zygote, instruction_set, app_data_dir, is_top_app, pkg_data_info_list, whitelisted_data_info_list, mount_data_dirs, mount_storage_dirs, mount_sysprop_overrides + ); + ctx.nativeForkAndSpecialize_post(); + return ctx.pid; +} [[clang::no_stack_protector]] jint nativeForkAndSpecialize_samsung_m(JNIEnv *env, jclass clazz, jint uid, jint gid, jintArray gids, jint runtime_flags, jobjectArray rlimits, jint mount_external, jstring se_info, jint _0, jint _1, jstring nice_name, jintArray fds_to_close, jstring instruction_set, jstring app_data_dir) { AppSpecializeArgs_v3 args(uid, gid, 
gids, runtime_flags, rlimits, mount_external, se_info, nice_name, instruction_set, app_data_dir); - HookContext ctx(env, &args); + ZygiskContext ctx(env, &args); ctx.nativeForkAndSpecialize_pre(); reinterpret_cast(nativeForkAndSpecialize_orig)( env, clazz, uid, gid, gids, runtime_flags, rlimits, mount_external, se_info, _0, _1, nice_name, fds_to_close, instruction_set, app_data_dir @@ -78,7 +96,7 @@ void *nativeForkAndSpecialize_orig = nullptr; } [[clang::no_stack_protector]] jint nativeForkAndSpecialize_samsung_n(JNIEnv *env, jclass clazz, jint uid, jint gid, jintArray gids, jint runtime_flags, jobjectArray rlimits, jint mount_external, jstring se_info, jint _2, jint _3, jstring nice_name, jintArray fds_to_close, jstring instruction_set, jstring app_data_dir, jint _4) { AppSpecializeArgs_v3 args(uid, gid, gids, runtime_flags, rlimits, mount_external, se_info, nice_name, instruction_set, app_data_dir); - HookContext ctx(env, &args); + ZygiskContext ctx(env, &args); ctx.nativeForkAndSpecialize_pre(); reinterpret_cast(nativeForkAndSpecialize_orig)( env, clazz, uid, gid, gids, runtime_flags, rlimits, mount_external, se_info, _2, _3, nice_name, fds_to_close, instruction_set, app_data_dir, _4 
@@ -89,7 +107,7 @@ void *nativeForkAndSpecialize_orig = nullptr; [[clang::no_stack_protector]] jint nativeForkAndSpecialize_samsung_o(JNIEnv *env, jclass clazz, jint uid, jint gid, jintArray gids, jint runtime_flags, jobjectArray rlimits, jint mount_external, jstring se_info, jint _5, jint _6, jstring nice_name, jintArray fds_to_close, jintArray fds_to_ignore, jstring instruction_set, jstring app_data_dir) { AppSpecializeArgs_v3 args(uid, gid, gids, runtime_flags, rlimits, mount_external, se_info, nice_name, instruction_set, app_data_dir); args.fds_to_ignore = &fds_to_ignore; - HookContext ctx(env, &args); + ZygiskContext ctx(env, &args); ctx.nativeForkAndSpecialize_pre(); reinterpret_cast(nativeForkAndSpecialize_orig)( env, clazz, uid, gid, gids, runtime_flags, rlimits, mount_external, se_info, _5, _6, nice_name, fds_to_close, fds_to_ignore, instruction_set, app_data_dir @@ -101,7 +119,7 @@ void *nativeForkAndSpecialize_orig = nullptr; AppSpecializeArgs_v3 args(uid, gid, gids, runtime_flags, rlimits, mount_external, se_info, nice_name, instruction_set, app_data_dir); args.fds_to_ignore = &fds_to_ignore; args.is_child_zygote = &is_child_zygote; - HookContext ctx(env, &args); + ZygiskContext ctx(env, &args); ctx.nativeForkAndSpecialize_pre(); reinterpret_cast(nativeForkAndSpecialize_orig)( env, clazz, uid, gid, gids, runtime_flags, rlimits, mount_external, se_info, _7, _8, nice_name, fds_to_close, fds_to_ignore, is_child_zygote, instruction_set, app_data_dir @@ -109,7 +127,7 @@ void *nativeForkAndSpecialize_orig = nullptr; ctx.nativeForkAndSpecialize_post(); return ctx.pid; } -std::array nativeForkAndSpecialize_methods { +std::array nativeForkAndSpecialize_methods = { JNINativeMethod { "nativeForkAndSpecialize", "(II[II[[IILjava/lang/String;Ljava/lang/String;[ILjava/lang/String;Ljava/lang/String;)I", 
@@ -135,6 +153,11 @@ std::array nativeForkAndSpecialize_methods { "(II[II[[IILjava/lang/String;Ljava/lang/String;[I[IZLjava/lang/String;Ljava/lang/String;Z[Ljava/lang/String;[Ljava/lang/String;ZZ)I", (void *) &nativeForkAndSpecialize_r }, + JNINativeMethod { + "nativeForkAndSpecialize", + "(II[II[[IILjava/lang/String;Ljava/lang/String;[I[IZLjava/lang/String;Ljava/lang/String;Z[Ljava/lang/String;[Ljava/lang/String;ZZZ)I", + (void *) &nativeForkAndSpecialize_u + }, JNINativeMethod { "nativeForkAndSpecialize", "(II[II[[IILjava/lang/String;IILjava/lang/String;[ILjava/lang/String;Ljava/lang/String;)I", @@ -161,7 +184,7 @@ void *nativeSpecializeAppProcess_orig = nullptr; [[clang::no_stack_protector]] void nativeSpecializeAppProcess_q(JNIEnv *env, jclass clazz, jint uid, jint gid, jintArray gids, jint runtime_flags, jobjectArray rlimits, jint mount_external, jstring se_info, jstring nice_name, jboolean is_child_zygote, jstring instruction_set, jstring app_data_dir) { AppSpecializeArgs_v3 args(uid, gid, gids, runtime_flags, rlimits, mount_external, se_info, nice_name, instruction_set, app_data_dir); args.is_child_zygote = &is_child_zygote; - HookContext ctx(env, &args); + ZygiskContext ctx(env, &args); ctx.nativeSpecializeAppProcess_pre(); reinterpret_cast(nativeSpecializeAppProcess_orig)( env, clazz, uid, gid, gids, runtime_flags, rlimits, mount_external, se_info, nice_name, is_child_zygote, instruction_set, app_data_dir 
@@ -172,7 +195,7 @@ void *nativeSpecializeAppProcess_orig = nullptr; AppSpecializeArgs_v3 args(uid, gid, gids, runtime_flags, rlimits, mount_external, se_info, nice_name, instruction_set, app_data_dir); args.is_child_zygote = &is_child_zygote; args.is_top_app = &is_top_app; - HookContext ctx(env, &args); + ZygiskContext ctx(env, &args); ctx.nativeSpecializeAppProcess_pre(); reinterpret_cast(nativeSpecializeAppProcess_orig)( env, clazz, uid, gid, gids, runtime_flags, rlimits, mount_external, se_info, nice_name, is_child_zygote, instruction_set, app_data_dir, is_top_app 
@@ -187,24 +210,40 @@ void *nativeSpecializeAppProcess_orig = nullptr; args.whitelisted_data_info_list = &whitelisted_data_info_list; args.mount_data_dirs = &mount_data_dirs; args.mount_storage_dirs = &mount_storage_dirs; - HookContext ctx(env, &args); + ZygiskContext ctx(env, &args); ctx.nativeSpecializeAppProcess_pre(); reinterpret_cast(nativeSpecializeAppProcess_orig)( env, clazz, uid, gid, gids, runtime_flags, rlimits, mount_external, se_info, nice_name, is_child_zygote, instruction_set, app_data_dir, is_top_app, pkg_data_info_list, whitelisted_data_info_list, mount_data_dirs, mount_storage_dirs ); ctx.nativeSpecializeAppProcess_post(); } +[[clang::no_stack_protector]] void nativeSpecializeAppProcess_u(JNIEnv *env, jclass clazz, jint uid, jint gid, jintArray gids, jint runtime_flags, jobjectArray rlimits, jint mount_external, jstring se_info, jstring nice_name, jboolean is_child_zygote, jstring instruction_set, jstring app_data_dir, jboolean is_top_app, jobjectArray pkg_data_info_list, jobjectArray whitelisted_data_info_list, jboolean mount_data_dirs, jboolean mount_storage_dirs, jboolean mount_sysprop_overrides) { + AppSpecializeArgs_v3 args(uid, gid, gids, runtime_flags, rlimits, mount_external, se_info, nice_name, instruction_set, app_data_dir); + args.is_child_zygote = &is_child_zygote; + args.is_top_app = &is_top_app; + args.pkg_data_info_list = &pkg_data_info_list; + args.whitelisted_data_info_list = &whitelisted_data_info_list; + args.mount_data_dirs = &mount_data_dirs; + args.mount_storage_dirs = &mount_storage_dirs; + args.mount_sysprop_overrides = &mount_sysprop_overrides; + ZygiskContext ctx(env, &args); + ctx.nativeSpecializeAppProcess_pre(); + reinterpret_cast(nativeSpecializeAppProcess_orig)( + env, clazz, uid, gid, gids, runtime_flags, rlimits, mount_external, se_info, nice_name, is_child_zygote, instruction_set, app_data_dir, is_top_app, pkg_data_info_list, whitelisted_data_info_list, mount_data_dirs, mount_storage_dirs, mount_sysprop_overrides 
+ ); + ctx.nativeSpecializeAppProcess_post(); +} [[clang::no_stack_protector]] void nativeSpecializeAppProcess_samsung_q(JNIEnv *env, jclass clazz, jint uid, jint gid, jintArray gids, jint runtime_flags, jobjectArray rlimits, jint mount_external, jstring se_info, jint _9, jint _10, jstring nice_name, jboolean is_child_zygote, jstring instruction_set, jstring app_data_dir) { AppSpecializeArgs_v3 args(uid, gid, gids, runtime_flags, rlimits, mount_external, se_info, nice_name, instruction_set, app_data_dir); args.is_child_zygote = &is_child_zygote; - HookContext ctx(env, &args); + ZygiskContext ctx(env, &args); ctx.nativeSpecializeAppProcess_pre(); reinterpret_cast(nativeSpecializeAppProcess_orig)( env, clazz, uid, gid, gids, runtime_flags, rlimits, mount_external, se_info, _9, _10, nice_name, is_child_zygote, instruction_set, app_data_dir ); ctx.nativeSpecializeAppProcess_post(); } -std::array nativeSpecializeAppProcess_methods { +std::array nativeSpecializeAppProcess_methods = { JNINativeMethod { "nativeSpecializeAppProcess", "(II[II[[IILjava/lang/String;Ljava/lang/String;ZLjava/lang/String;Ljava/lang/String;)V", @@ -220,6 +259,11 @@ std::array nativeSpecializeAppProcess_methods { "(II[II[[IILjava/lang/String;Ljava/lang/String;ZLjava/lang/String;Ljava/lang/String;Z[Ljava/lang/String;[Ljava/lang/String;ZZ)V", (void *) &nativeSpecializeAppProcess_r }, + JNINativeMethod { + "nativeSpecializeAppProcess", + "(II[II[[IILjava/lang/String;Ljava/lang/String;ZLjava/lang/String;Ljava/lang/String;Z[Ljava/lang/String;[Ljava/lang/String;ZZZ)V", + (void *) &nativeSpecializeAppProcess_u + }, JNINativeMethod { "nativeSpecializeAppProcess", "(II[II[[IILjava/lang/String;IILjava/lang/String;ZLjava/lang/String;Ljava/lang/String;)V", 
@@ -230,7 +274,7 @@ std::array nativeSpecializeAppProcess_methods { void *nativeForkSystemServer_orig = nullptr; [[clang::no_stack_protector]] jint nativeForkSystemServer_l(JNIEnv *env, jclass clazz, jint uid, jint gid, jintArray gids, jint runtime_flags, jobjectArray rlimits, jlong permitted_capabilities, jlong effective_capabilities) { ServerSpecializeArgs_v1 args(uid, gid, gids, runtime_flags, permitted_capabilities, effective_capabilities); - HookContext ctx(env, &args); + ZygiskContext ctx(env, &args); ctx.nativeForkSystemServer_pre(); reinterpret_cast(nativeForkSystemServer_orig)( env, clazz, uid, gid, gids, runtime_flags, rlimits, permitted_capabilities, effective_capabilities @@ -240,7 +284,7 @@ void *nativeForkSystemServer_orig = nullptr; } [[clang::no_stack_protector]] jint nativeForkSystemServer_samsung_q(JNIEnv *env, jclass clazz, jint uid, jint gid, jintArray gids, jint runtime_flags, jint _11, jint _12, jobjectArray rlimits, jlong permitted_capabilities, jlong effective_capabilities) { ServerSpecializeArgs_v1 args(uid, gid, gids, runtime_flags, permitted_capabilities, effective_capabilities); - HookContext ctx(env, &args); + ZygiskContext ctx(env, &args); ctx.nativeForkSystemServer_pre(); reinterpret_cast(nativeForkSystemServer_orig)( env, clazz, uid, gid, gids, runtime_flags, _11, _12, rlimits, permitted_capabilities, effective_capabilities @@ -248,7 +292,7 @@ void *nativeForkSystemServer_orig = nullptr; ctx.nativeForkSystemServer_post(); return ctx.pid; } -std::array nativeForkSystemServer_methods { +std::array nativeForkSystemServer_methods = { JNINativeMethod { "nativeForkSystemServer", "(II[II[[IJJ)I", diff --git a/loader/src/injector/module.hpp b/loader/src/injector/module.hpp index 60b2fa0..bc2ec1a 100644 --- a/loader/src/injector/module.hpp +++ b/loader/src/injector/module.hpp @@ -5,7 +5,7 @@ namespace { - struct HookContext; + struct ZygiskContext; struct ZygiskModule; struct AppSpecializeArgs_v1; 
@@ -44,6 +44,7 @@ namespace {
 jobjectArray *whitelisted_data_info_list = nullptr;
 jboolean *mount_data_dirs = nullptr;
 jboolean *mount_storage_dirs = nullptr;
+ jboolean *mount_sysprop_overrides = nullptr;
 AppSpecializeArgs_v3(
 jint &uid, jint &gid, jintArray &gids, jint &runtime_flags,