This commit rewrites both ART method and module related code to C, following the same behavior, aside from the module's `on load` now be called globally, allowing a better flexibility. This will not impact any module.
This commit makes Zygisk modules be preloaded globally in the main Zygote process, so that they don't need to reload all the time. This commit is authored by @nampud, and merged into mainline ReZygisk.
Co-authored-by: nampud
This commit fixes an issue where modules would have their "postAppSpecialize" called for root manager processes, but not "preAppSpecialize". The approach taken to fix that was to completely allow to inject into root manager, which instead of making it not call "postAppSpecialize" either, now it allows both.
This commit improves how ReZygisk state is shown in the module description, reducing its size in favor of the same amount of information but in the WebUI, as all root implementations have WebUI available, even if it's through external applications due to incompetency, such as Magisk.
closes#28
This commit improves the SoInfo hiding code by reducing the complexity of it, using dlclose directly when possible to make it more future proof and simple.
Co-Authored-By: 4h9fbZ <176179231+4h9fbZ@users.noreply.github.com>
This commit fixes the remote call to "strlen" fail because ReZygisk ELF utils would not handle GNU indirect functions, making it call the in-between function instead of the actual function.
This commit fixes an issue where Zygote will Abort when a preloaded file cannot be opened anymore, which happens when ReZygisk umounts a file from a module (such as Quick Switch Overlay or Pixelify) that is preloaded. To fix that, we hook on the function that causes the crash and bypass its execution if it cannot be opened.
This commit removes the maps hiding, as it not only breaks behavior compatibility with Magisk Zygisk (original), but also can break some modules because of that. It doesn't provide any improved hiding in slightly better detections and makes the codebase more complex.
This commit removes the "unshare" hook. It used to provide the right timing for manual umount in the past, however with recent umount system changes, basing now on mount namespaces, those are handled way earlier, and this "unshare" hook makes no difference, being considered useless.
This commit improves how "ptrace_message" is cleaned by utilizing seccomp (Secure Computation Mode) to clear its value.
"ptrace_message" not being cleared is a Linux kernel vulnerability/bug that impacts all versions below 6.1, as the fix only came in 6.1, and because of that, we need to find ways to "0" it. This is the second fix for that, being the GKI2 fix the first: 70697be9a5
This commit sets the environment variable "ZYGISK_ENABLED" for all managers' process, not limiting to Magisk anymore, so that managers can easily detect (Re)Zygisk.
This commit fixes the leak of mounts in KernelSU with global umount disabled in isolated services. This happens because KernelSU doesn't handle isolated services in kernel side, so we must find the main app UID and see if that UID is in denylist instead. With that, also improve APatch detection to take advantage of faster integer/UID comparison rather than always check process/string comparison, and only fallback to process name based if UID is not found.
Co-Authored-By: nampud <nampud@users.noreply.github.com>
This commit fixes the issue where because the mount namespace switch happened only before the Zygisk modules execution, they wouldn't have the opportunity to set "FORCE_DENYLIST_UNMOUNT" flag. Now, with this commit, which added another check to know if that flag was set by a Zygisk module, and if so, switched to mount namespace, adjusts the behavior to the expected one.
This commit makes ptracer dynamically get "libc.so" library path, avoiding errors when errors happen in environments where libc.so from zygote doesn't come from "/system/lib" or "/system/lib64".
This commit fixes the issue where unclosed modules, as in not being requested to be "dlclose"d, wouldn't have their SoInfo structures freed. It also fixes the issue of maps spoofing not being performed due to the "spoof_maps" parameter being erroneously set to false in the second "clean_trace" call.
This commit improves the compatibility of SoInfo hiding code with more Android versions, like Android 16 QPR1 Beta 1 and newer versions, and also reduces complexity of the code.
This commit fixes the issue where due to a confusion, ReZygisk was coded so that it would remove all PLT hooks, even if they were meant to be kept. This has been fixed appropriately in LSPlt side, allowing to revert back to how it was before.
This commit fixes a trace left due to a kernel bug. In some cases (and all of them here), the sequence of events may lead to "ptrace_message" not be properly reset/not represent the actual state. This happens here, as when TRACEFORK is set in "monitor.c", setting "ptrace_message" as the PID of the new process, persists even when not tracing anymore, causing leaks.
This fix has been given by @nampud, in #171.
This commit fixes the issue where "libdl.so" wouldn't be found, when trying to inject "lizygisk.so", in systems where apex is in "/system/lib/libdl.so".
This commit fixes the logic issue which made leaked fds not be closed by "libzygisk.so", causing crashes for some. It also adds a warning for when it finds a leaked fd, so that module developers can be notified.
fixes#163
Historically "zygisksu" is the ZygiskOnKernelSU (known as Zygisk Next) module id, which due to ReZygisk being a fork of Zygisk Next, was used by it. To avoid conflicts in systems like MMRL, we decided to change it to "rezygisk". This, however, will allow both to be installed in the same system, although causing problems, as a side effect. The old module, with the old module id, must be uninstalled while the new one is installed.
closes#113
This commit improves the flexibility of modules to modify mounts in "preAppSpecialize" in denylisted apps, which would later be setns to a new namespace, after executing Zygisk modules "preAppSpecialize".
This commit fixes the explanation of why "solist_drop_so_path". ReZygisk does not "dlclose" in ptracer, and doesn't "dlclose" libzygisk.so at any point, but clean SoInfo traces then munmaps it later.
This commit improves ELF utils, so that it can now retrieve symbols in other ways, like dynamic symbols or utilizing GNU hash. With the improved ELF utils, "libzygisk.so" injection in ptracer was improved, replacing the use of "dlopen" and "dlsym" in the function to get remote symbol address with the use of ELF utils, also allowing higher compatibility by using linker's dlopen, dlsym, dlerror when libdl.so is not loaded in Zygote.
This commit adds support for devices that are only capable of running 32-bit code, be it due to Android ROM limitations of CPU limitations. It also makes ReZygisk only install necessary libraries, so if a device is 64-bit only, it won't extract 32-bit libraries.
This commit improves the precision of ReZygiskd check for Magisk if a process is in DenyList/SuList, as previously it used "package_name" instead of the correct "process" field.
This commit removes the "Rooted" mount namespace state, as it wouldn't fit in the categories made by root implementations. The three major root implementations divide apps into three categories: SU, Umounted, (with) Mounts. The SU one consists of apps that are allowed to elevate privileges, those don't have their mounts modified, and keep root mounts. As for Umounted, it consists of apps that will have root-related mounts umounted before being executed. And finally (with) mounts which are apps that although are not allowed to elevate privileges, still have the root-related mounts kept.
Knowing that we can merge both SU and (with) Mounts into the same category: No modification to mounts/Keep root-related mounts. With that, "Mounts" mns state is also unmodified, compared to old "Modules" mns state.
Those changes also reflect on the issue where new apps couldn't ask Magisk for root as they would have SU mount umounted, which now, as ReZygisk leave them unmodified, they can.
This commit fixes a memory leak in "rezygisk_get_info" as it would read a string from ReZygiskd but would never "free" after using it. Also call "free_rezygisk_info" instead of manually cleanup in ptracer.
This commit adds the missing error handling for "UpdateMountNamespace" in both libzygisk.so and ReZygiskd, as before it would send a -1 as unsigned, leading to issues.
This commit improves logging for "update_mnt_ns" function, which now specifies which state it will update the mns to, for easier debugging. It also adds a note about the possibility of having apps with rooted permissions and also be denylisted in Magisk, causing weird behavior.
This commit fixes the issue where ReZygisk would change the mount namespace (mns) before the modules were loaded, thus failing, as "/data/adb/modules" wouldn't be mounted.
This commit fixes the logging tag for ptracer command-line tool, which would show as "zygisk-core64", the one from libzygisk, and an out-of-bounds access in "allowed_fds" array, which then the readdir returned the "." and "..", the "parse_int" would return -1, and would try to access it in "allowed_fds" without checking if it is negative, or bigger, first.
