This commit fixes the issue where "setns" in older kernels will fail, as until 3.19 Linux used NSFS (Name Space File System) for namespaces (/proc/self/mnt/ns), which was not taken into consideration in ReZygisk SELinux rules.
This commit fixes an issue that was caused by ReZygiskd passing NULL (an invalid address) in "reply_ok" to KernelSU driver, which expects it to be a valid address to pass if the request was successful, causing it to spam the dmesg with error logs.
This commit removes the maps hiding, as it not only breaks behavior compatibility with Magisk Zygisk (original), but also can break some modules because of that. It doesn't provide any improved hiding in slightly better detections and makes the codebase more complex.
This commit removes the "unshare" hook. It used to provide the right timing for manual umount in the past, however with recent umount system changes, basing now on mount namespaces, those are handled way earlier, and this "unshare" hook makes no difference, being considered useless.
This commit updates the values for "CMD_HOOK_MODE" to match newest KernelSU Next value and "CMD_GET_MANAGER_UID", now unified in both KernelSU and KernelSU Next.
Signed-off-by: Rifat Azad <33044977+rifsxd@users.noreply.github.com>
This commit improves how "ptrace_message" is cleaned by utilizing seccomp (Secure Computation Mode) to clear its value.
"ptrace_message" not being cleared is a Linux kernel vulnerability/bug that impacts all versions below 6.1, as the fix only came in 6.1, and because of that, we need to find ways to "0" it. This is the second fix for that, being the GKI2 fix the first: 70697be9a5
This commit sets the environment variable "ZYGISK_ENABLED" for all managers' process, not limiting to Magisk anymore, so that managers can easily detect (Re)Zygisk.
This commit fixes the leak of mounts in KernelSU with global umount disabled in isolated services. This happens because KernelSU doesn't handle isolated services in kernel side, so we must find the main app UID and see if that UID is in denylist instead. With that, also improve APatch detection to take advantage of faster integer/UID comparison rather than always check process/string comparison, and only fallback to process name based if UID is not found.
Co-Authored-By: nampud <nampud@users.noreply.github.com>
This commit fixes the issue where because the mount namespace switch happened only before the Zygisk modules execution, they wouldn't have the opportunity to set "FORCE_DENYLIST_UNMOUNT" flag. Now, with this commit, which added another check to know if that flag was set by a Zygisk module, and if so, switched to mount namespace, adjusts the behavior to the expected one.
This commit fixes the issue where due to ARM architectures having priority in ReZygiskd code, ReZygisk, running on emulators, wouldn't be capable of recognizing Zygisk modules. This order is important, Zygisk modules should always give priority to the native architecture over the emulated one, since WSA runs Zygote in x64/x86.
This commit adds "SIGPIPE" signal handling in ReZygiskd. Some processes might die while ReZygiskd is still processing the response, and it will fail to write to the reader, now dead, resulting in a "SIGPIPE". Without proper handling, the process (ReZygiskd) would die, and this commit properly handled it to gracefully log it instead of dying.
This commit fixes the issue where mounts related to APatch and ReZygisk would be leaked in isolated services for APatch environments as the UID between the main process and isolated service is different, resulting it to not be found in "package_config" and default to not switch to clean mount namespace.
This commit makes ptracer dynamically get "libc.so" library path, avoiding errors when errors happen in environments where libc.so from zygote doesn't come from "/system/lib" or "/system/lib64".
This commit fixes the issue where unclosed modules, as in not being requested to be "dlclose"d, wouldn't have their SoInfo structures freed. It also fixes the issue of maps spoofing not being performed due to the "spoof_maps" parameter being erroneously set to false in the second "clean_trace" call.
This commit fixes the issue where when the "ro.product.cpu.abilist" prop has a value bigger than 31 characters, which mostly happens in WSA (Windows Subsystem For Android) as it can support 5+ architectures, it will write outside the buffer, leading to undefined behavior, but most of the time crashes.
This commit improves the compatibility of SoInfo hiding code with more Android versions, like Android 16 QPR1 Beta 1 and newer versions, and also reduces complexity of the code.
This commit fixes the issue where due to a confusion, ReZygisk was coded so that it would remove all PLT hooks, even if they were meant to be kept. This has been fixed appropriately in LSPlt side, allowing to revert back to how it was before.
This commit fixes a trace left due to a kernel bug. In some cases (and all of them here), the sequence of events may lead to "ptrace_message" not be properly reset/not represent the actual state. This happens here, as when TRACEFORK is set in "monitor.c", setting "ptrace_message" as the PID of the new process, persists even when not tracing anymore, causing leaks.
This fix has been given by @nampud, in #171.
This commit fixes the issue where "libdl.so" wouldn't be found, when trying to inject "lizygisk.so", in systems where apex is in "/system/lib/libdl.so".
This commit both improves ReZygiskd umount system by unifying all root implementations code into a single one, and also by making it less strict to umount.
This commit fixes the logic issue which made leaked fds not be closed by "libzygisk.so", causing crashes for some. It also adds a warning for when it finds a leaked fd, so that module developers can be notified.
fixes#163
Historically "zygisksu" is the ZygiskOnKernelSU (known as Zygisk Next) module id, which due to ReZygisk being a fork of Zygisk Next, was used by it. To avoid conflicts in systems like MMRL, we decided to change it to "rezygisk". This, however, will allow both to be installed in the same system, although causing problems, as a side effect. The old module, with the old module id, must be uninstalled while the new one is installed.
closes#113
This commit adds Misaki, a new ReZygisk system to help improve safety in the root community, by allowing users to check whether a build is official or not with the use of tools like SignSee.
Name credits for Anonymous, in The PerformanC Organization Telegram chat.
This commit improves the flexibility of modules to modify mounts in "preAppSpecialize" in denylisted apps, which would later be setns to a new namespace, after executing Zygisk modules "preAppSpecialize".
This commit fixes the explanation of why "solist_drop_so_path". ReZygisk does not "dlclose" in ptracer, and doesn't "dlclose" libzygisk.so at any point, but clean SoInfo traces then munmaps it later.
This commit improves ELF utils, so that it can now retrieve symbols in other ways, like dynamic symbols or utilizing GNU hash. With the improved ELF utils, "libzygisk.so" injection in ptracer was improved, replacing the use of "dlopen" and "dlsym" in the function to get remote symbol address with the use of ELF utils, also allowing higher compatibility by using linker's dlopen, dlsym, dlerror when libdl.so is not loaded in Zygote.
This commit makes the building system create one machikado per arch, from 2 to 4, so that integrity can be checked properly in 64-bit only and 32-bit only devices.
This commit adds support for devices that are only capable of running 32-bit code, be it due to Android ROM limitations of CPU limitations. It also makes ReZygisk only install necessary libraries, so if a device is 64-bit only, it won't extract 32-bit libraries.
