fix: Zygiskd remote read types

This commit fixes the mismatch between types sent by lizygisk.so and read by Zygiskd, causing issues.

zygiskd/build.gradle.kts

@@ -29,7 +29,7 @@ val commitHash: String by rootProject.extra
 val CStandardFlags = arrayOf(
   "-D_GNU_SOURCE", "-std=c99", "-Wpedantic", "-Wall", "-Wextra", "-Werror",
   "-Wformat", "-Wuninitialized", "-Wshadow", "-Wno-zero-length-array", 
-  "-Wno-fixed-enum-extension", "-Iroot_impl", "-llog",
+  "-Wconversion", "-Wno-fixed-enum-extension", "-Iroot_impl", "-llog",
   "-DMIN_APATCH_VERSION=$minAPatchVersion",
   "-DMIN_KSU_VERSION=$minKsuVersion",
   "-DMAX_KSU_VERSION=$maxKsuVersion",

zygiskd/src/companion.c

@@ -31,7 +31,6 @@ zygisk_companion_entry_func load_module(int fd) {
 
   void *handle = android_dlopen(path, RTLD_NOW);
   void *entry = dlsym(handle, "zygisk_companion_entry");
-  if (entry == NULL) return NULL;
   
   return (zygisk_companion_entry_func)entry;
 }
@@ -42,7 +41,9 @@ void *entry_thread(void *arg) {
   int fd = args->fd;
   zygisk_companion_entry_func module_entry = args->entry;
 
-  module_entry(fd);
+  struct stat st0;
+  if (fstat(fd, &st0) == -1) {
+    LOGE("Failed to get client fd stats\n");
 
     close(fd);
     free(args);
@@ -50,6 +51,29 @@ void *entry_thread(void *arg) {
     pthread_exit(NULL);
   }
 
+  module_entry(fd);
+
+  struct stat st1;
+  if (fstat(fd, &st1) == -1) {
+    LOGE("Failed to get client fd stats\n");
+
+    close(fd);
+    free(args);
+
+    pthread_exit(NULL);
+  }
+
+  if (st0.st_dev != st1.st_dev || st0.st_ino != st1.st_ino) {
+    LOGI("Client fd changed. Closing.\n");
+
+    close(fd);
+  }
+
+  free(args);
+
+  return NULL;
+}
+
 /* WARNING: Dynamic memory based */
 void companion_entry(int fd) {
   LOGI("New companion entry.\n - Client fd: %d\n", fd);
@@ -67,7 +91,7 @@ void companion_entry(int fd) {
   }
   name[name_length] = '\0';
 
-  LOGI(" - Module name: `%.*s`\n", (int)name_length, name);
+  LOGI(" - Module name: \"%s\"\n", name);
 
   int library_fd = read_fd(fd);
   ssize_t ret = 0;
@@ -86,7 +110,7 @@ void companion_entry(int fd) {
   close(library_fd);
 
   if (module_entry == NULL) {
-    LOGI("No companion module entry for module: %.*s\n", (int)name_length, name);
+    LOGE("No companion module entry for module: %s\n", name);
 
     ret = write_uint8_t(fd, 0);
     ASSURE_SIZE_WRITE("ZygiskdCompanion", "module_entry", ret, sizeof(uint8_t));
@@ -99,7 +123,7 @@ void companion_entry(int fd) {
 
   while (1) {
     if (!check_unix_socket(fd, true)) {
-      LOGI("Something went wrong in companion. Bye!\n");
+      LOGE("Something went wrong in companion. Bye!\n");
 
       exit(0);
 
@@ -117,13 +141,15 @@ void companion_entry(int fd) {
     if (args == NULL) {
       LOGE("Failed to allocate memory for thread args\n");
 
+      close(client_fd);
+
       exit(0);
     }
 
     args->fd = client_fd;
     args->entry = module_entry;
 
-    LOGI("New companion request.\n - Module name: %.*s\n - Client fd: %d\n", (int)name_length, name, args->fd);
+    LOGI("New companion request.\n - Module name: %s\n - Client fd: %d\n", name, args->fd);
 
     ret = write_uint8_t(args->fd, 1);
     ASSURE_SIZE_WRITE("ZygiskdCompanion", "client_fd", ret, sizeof(uint8_t));

zygiskd/src/constants.h

@@ -25,15 +25,15 @@
 #define SYSTEM_SERVER_STARTED 10
 
 enum DaemonSocketAction {
-  PingHeartbeat,
+  PingHeartbeat          = 0,
-  RequestLogcatFd,
+  RequestLogcatFd        = 1,
-  GetProcessFlags,
+  GetProcessFlags        = 2,
-  GetInfo,
+  GetInfo                = 3,
-  ReadModules,
+  ReadModules            = 4,
-  RequestCompanionSocket,
+  RequestCompanionSocket = 5,
-  GetModuleDir,
+  GetModuleDir           = 6,
-  ZygoteRestart,
+  ZygoteRestart          = 7,
-  SystemServerStarted
+  SystemServerStarted    = 8
 };
 
 enum ProcessFlags: uint32_t {

zygiskd/src/root_impl/apatch.c

@@ -115,7 +115,7 @@ bool _apatch_get_package_config(struct packages_config *restrict config) {
     char *uid_str = strtok(NULL, ",");
     if (uid_str == NULL) continue;
 
-    config->configs[config->size].uid = atoi(uid_str);
+    config->configs[config->size].uid = (uid_t)atoi(uid_str);
     config->configs[config->size].root_granted = strcmp(allow_str, "1") == 0;
     config->configs[config->size].umount_needed = strcmp(exclude_str, "1") == 0;
 

zygiskd/src/root_impl/kernelsu.c

@@ -14,7 +14,7 @@
            so we need to cast it to signed int to
            avoid any potential UB.
 */
-#define KERNEL_SU_OPTION 0xdeadbeef
+#define KERNEL_SU_OPTION (int)0xdeadbeef
 
 #define CMD_GET_VERSION 2
 #define CMD_UID_GRANTED_ROOT 12
@@ -52,7 +52,7 @@ bool ksu_uid_granted_root(uid_t uid) {
   bool granted = false;
   prctl(KERNEL_SU_OPTION, CMD_UID_GRANTED_ROOT, uid, &granted, &result);
 
-  if (result != KERNEL_SU_OPTION) return false;
+  if ((int)result != KERNEL_SU_OPTION) return false;
 
   return granted;
 }
@@ -62,7 +62,7 @@ bool ksu_uid_should_umount(uid_t uid) {
   bool umount = false;
   prctl(KERNEL_SU_OPTION, CMD_UID_SHOULD_UMOUNT, uid, &umount, &result);
 
-  if (result != KERNEL_SU_OPTION) return false;
+  if ((int)result != KERNEL_SU_OPTION) return false;
 
   return umount;
 }

zygiskd/src/utils.c

@@ -272,9 +272,6 @@ int read_fd(int fd) {
     return read(fd, val, sizeof(type));     \
   }
 
-write_func(int)
-read_func(int)
-
 write_func(size_t)
 read_func(size_t)
 
@@ -365,7 +362,7 @@ bool exec_command(char *restrict buf, size_t len, const char *restrict file, cha
   } else {
     close(link[1]);
 
-    int nbytes = read(link[0], buf, len);
+    ssize_t nbytes = read(link[0], buf, len);
     if (nbytes > 0) buf[nbytes - 1] = '\0';
     /* INFO: If something went wrong, at least we must ensure it is NULL-terminated */
     else buf[0] = '\0';

zygiskd/src/utils.h

@@ -80,9 +80,6 @@ int unix_listener_from_path(char *path);
 ssize_t write_fd(int fd, int sendfd);
 int read_fd(int fd);
 
-write_func_def(int);
-read_func_def(int);
-
 write_func_def(size_t);
 read_func_def(size_t);
 

zygiskd/src/zygiskd.c

@@ -30,7 +30,7 @@ struct Module {
 
 struct Context {
   struct Module *modules;
-  int len;
+  size_t len;
 };
 
 enum Architecture {
@@ -85,14 +85,14 @@ int create_library_fd(const char *restrict so_path) {
 
   /* INFO: This is required as older implementations of glibc may not
              have the memfd_create function call, causing a crash. */
-  int memfd = syscall(SYS_memfd_create, "jit-cache-zygisk", MFD_ALLOW_SEALING);
+  int memfd = (int)syscall(SYS_memfd_create, "jit-cache-zygisk", MFD_ALLOW_SEALING);
   if (memfd == -1) {
     LOGE("Failed creating memfd: %s\n", strerror(errno));
 
     return -1;
   }
 
-  if (sendfile(memfd, so_fd, NULL, so_size) == -1) {
+  if (sendfile(memfd, so_fd, NULL, (size_t)so_size) == -1) {
     LOGE("Failed copying so file to memfd: %s\n", strerror(errno));
 
     close(so_fd);
@@ -174,7 +174,7 @@ static void load_modules(enum Architecture arch, struct Context *restrict contex
     }
 
 
-    context->modules = realloc(context->modules, ((context->len + 1) * sizeof(struct Module)));
+    context->modules = realloc(context->modules, (size_t)((context->len + 1) * sizeof(struct Module)));
     if (context->modules == NULL) {
       LOGE("Failed reallocating memory for modules.\n");
 
@@ -189,7 +189,7 @@ static void load_modules(enum Architecture arch, struct Context *restrict contex
 }
 
 static void free_modules(struct Context *restrict context) {
-  for (int i = 0; i < context->len; i++) {
+  for (size_t i = 0; i < context->len; i++) {
     free(context->modules[i].name);
     if (context->modules[i].companion != -1) close(context->modules[i].companion);
   }
@@ -344,7 +344,7 @@ void zygiskd_start(char *restrict argv[]) {
       msg->length = sprintf(msg->data, "Unsupported environment: Multiple root implementations found");
     }
 
-    unix_datagram_sendto(CONTROLLER_SOCKET, (void *)msg, sizeof(struct MsgHead) + msg->length);
+    unix_datagram_sendto(CONTROLLER_SOCKET, (void *)msg, (size_t)((int)sizeof(struct MsgHead) + msg->length));
 
     free(msg);
   } else {
@@ -357,7 +357,7 @@ void zygiskd_start(char *restrict argv[]) {
       module_list = strdup("None");
       module_list_len = strlen("None");
     } else {
-      for (int i = 0; i < context.len; i++) {
+      for (size_t i = 0; i < context.len; i++) {
         if (i != context.len - 1) {
           module_list = realloc(module_list, module_list_len + strlen(context.modules[i].name) + strlen(", ") + 1);
           if (module_list == NULL) {
@@ -397,7 +397,7 @@ void zygiskd_start(char *restrict argv[]) {
     msg->length = snprintf(msg->data, msg_length, "Root: %s, Modules: %s", impl_name, module_list) + 1;
     msg->cmd = DAEMON_SET_INFO;
 
-    unix_datagram_sendto(CONTROLLER_SOCKET, (void *)msg, sizeof(struct MsgHead) + msg->length);
+    unix_datagram_sendto(CONTROLLER_SOCKET, (void *)msg, (size_t)((int)sizeof(struct MsgHead) + msg->length));
 
     free(msg);
     free(module_list);
@@ -440,7 +440,7 @@ void zygiskd_start(char *restrict argv[]) {
         break;
       }
       case ZygoteRestart: {
-        for (int i = 0; i < context.len; i++) {
+        for (size_t i = 0; i < context.len; i++) {
           if (context.modules[i].companion != -1) {
             close(context.modules[i].companion);
             context.modules[i].companion = -1;
@@ -534,7 +534,7 @@ void zygiskd_start(char *restrict argv[]) {
           }
         }
 
-        ret = write_int(client_fd, flags);
+        ret = write_uint32_t(client_fd, flags);
         ASSURE_SIZE_WRITE_BREAK("GetProcessFlags", "flags", ret, sizeof(flags));
 
         break;
@@ -562,10 +562,11 @@ void zygiskd_start(char *restrict argv[]) {
           }
         }
 
-        ssize_t ret = write_size_t(client_fd, flags);
+        ssize_t ret = write_uint32_t(client_fd, flags);
         ASSURE_SIZE_WRITE_BREAK("GetInfo", "flags", ret, sizeof(flags));
 
-        uint32_t pid = getpid();    
+        /* TODO: Use pid_t */
+        uint32_t pid = (uint32_t)getpid();    
         ret = write_uint32_t(client_fd, pid);
         ASSURE_SIZE_WRITE_BREAK("GetInfo", "pid", ret, sizeof(pid));
 
@@ -612,10 +613,8 @@ void zygiskd_start(char *restrict argv[]) {
         struct Module *module = &context.modules[index];
 
         if (module->companion != -1) {
-          LOGI(" - Polling companion for module \"%s\"\n", module->name);
-
           if (!check_unix_socket(module->companion, false)) {
-            LOGE(" - Poll companion for module \"%s\" crashed\n", module->name);
+            LOGE(" - Companion for module \"%s\" crashed\n", module->name);
 
             close(module->companion);
             module->companion = -1;
@@ -626,7 +625,7 @@ void zygiskd_start(char *restrict argv[]) {
           module->companion = spawn_companion(argv, module->name, module->lib_fd);
 
           if (module->companion > 0) {
-            LOGI(" - Spawned companion for \"%s\"\n", module->name);
+            LOGI(" - Spawned companion for \"%s\": %d\n", module->name, module->companion);
           } else {
             if (module->companion == -2) {
               LOGE(" - No companion spawned for \"%s\" because it has no entry.\n", module->name);
@@ -654,14 +653,16 @@ void zygiskd_start(char *restrict argv[]) {
             close(module->companion);
             module->companion = -1;
 
-            /* INFO: RequestCompanionSocket by defailt doesn't close the client_fd */
+            /* INFO: RequestCompanionSocket by default doesn't close the client_fd */
             close(client_fd);
           }
         } else {
+          LOGE(" - Failed to spawn companion for module \"%s\"\n", module->name);
+
           ret = write_uint8_t(client_fd, 0);
           ASSURE_SIZE_WRITE_BREAK("RequestCompanionSocket", "response", ret, sizeof(int));
 
-          /* INFO: RequestCompanionSocket by defailt doesn't close the client_fd */
+          /* INFO: RequestCompanionSocket by default doesn't close the client_fd */
           close(client_fd);
         }